Cybersecurity threat and incident managers in large organizations, especially in the financial sector, are confronted more and more with an increase in volume and complexity of threats and incidents. At the same time, these managers have to deal with many internal processes and criteria, in addition to requirements from external parties, such as regulators that pose an additional challenge to handling threats and incidents. Little research has been carried out to understand to what extent decision support can aid these professionals in managing threats and incidents. The purpose of this research was to develop decision support for cybersecurity threat and incident managers in the financial sector. To this end, we carried out a cognitive task analysis and the first two phases of a cognitive work analysis, based on two rounds of in-depth interviews with ten professionals from three financial institutions. Our results show that decision support should address the problem of balancing the bigger picture with details. That is, being able to simultaneously keep the broader operational context in mind as well as adequately investigating, containing and remediating a cyberattack. In close consultation with the three financial institutions involved, we developed a critical-thinking memory aid that follows typical incident response process steps, but adds big picture elements and critical thinking steps. This should make cybersecurity threat and incident managers more aware of the broader operational implications of threats and incidents while keeping a critical mindset. Although a summative evaluation was beyond the scope of the present research, we conducted iterative formative evaluations of the memory aid that show its potential.
Airports have undergone a significant digital evolution over the past decades, enhancing efficiency, effectiveness, and user-friendliness through various technological advancements. Initially, airports deployed basic IT solutions as support tools, but with the increasing integration of digital systems, understanding the detailed digital ecosystem behind airports has become crucial. This research aims to classify technological maturity in airports, using the access control process as an example to demonstrate the benefits of the proposed taxonomy. The study highlights the current digital ecosystem and its future trends and challenges, emphasizing the importance of distinguishing between different levels of technological maturity. The role of biometric technology in security access control is examined, highlighting the importance of proper identification and classification. Future research could explore data collection, privacy, and cybersecurity impacts, particularly regarding biometric technologies in Smart Access Level 4.0. The transition from Smart Access Level 3.0 to 4.0 involves process automation and the introduction of AI, offering opportunities to increase efficiency and improve detection capabilities through advanced data analytics. The study underscores the need for global legislative frameworks to regulate and support these technological advancements.
