In case of a major cyber incident, organizations usually rely on external providers of Cyber Incident Response (CIR) services. CIR consultants operate in a dynamic and constantly changing environment in which they must actively engage in information management and problem solving while adapting to complex circumstances. In this challenging environment CIR consultants need to make critical decisions about what to advise clients that are impacted by a major cyber incident. Despite its relevance, CIR decision making is an understudied topic. The objective of this preliminary investigation is therefore to understand what decision-making strategies experienced CIR consultants use during challenging incidents and to offer suggestions for training and decision-aiding. A general understanding of operational decision making under pressure, uncertainty, and high stakes was established by reviewing the body of knowledge known as Naturalistic Decision Making (NDM). The general conclusion of NDM research is that experts usually make adequate decisions based on (fast) recognition of the situation and applying the most obvious (default) response pattern that has worked in similar situations in the past. In exceptional situations, however, this way of recognition-primed decision-making results in suboptimal decisions as experts are likely to miss conflicting cues once the situation is quickly recognized under pressure. Understanding the default response pattern and the rare occasions in which this response pattern could be ineffective is therefore key for improving and aiding cyber incident response decision making. Therefore, we interviewed six experienced CIR consultants and used the critical decision method (CDM) to learn how they made decisions under challenging conditions. The main conclusion is that the default response pattern for CIR consultants during cyber breaches is to reduce uncertainty as much as possible by gathering and investigating data and thus delay decision making about eradication until the investigation is completed. According to the respondents, this strategy usually works well and provides the most assurance that the threat actor can be completely removed from the network. However, the majority of respondents could recall at least one case in which this strategy (in hindsight) resulted in unnecessary theft of data or damage. Interestingly, this finding is strikingly different from other operational decision-making domains such as the military, police and fire service in which there is a general tendency to act rapidly instead of searching for more information. The main advice is that training and decision aiding of (novice) cyber incident responders should be aimed at the following: (a) make cyber incident responders aware of how recognition-primed decision making works; (b) discuss the default response strategy that typically works well in several scenarios; (c) explain the exception and how the exception can be recognized; (d) provide alternative response strategies that work better in exceptional situations.
Traditional information systems for crisis response and management are centralized systems with a rigid hierarchical structure. Here we propose a decentralized system, which allows citizens to play a significant role as information source and/or as helpers during the initial stages of a crisis. In our approach different roles are assigned to citizens. To be able to designate the different roles automatically our system needs to generate appropriate questions. On the basis of information theory and a restricted role ontology we formalized the process of question generation. Three consecutive experiments were conducted with human users to evaluate to what extent the questioning process resulted in appropriate role determination. The result showed that the mental model of human users does not always comply with the formal model underpinning the questions generation process.
PurposeTo support the development and implementation of exercise programming for people with prostate cancer (PC), we investigated their views on exercise.MethodsOnline survey with open recruitment. We collected data on clinical and sociodemographic variables, experiences with exercise advice, outcome expectations, and preferences. We explored determinants of (1) having been counselled about exercise and (2) preferring supervised exercise.ResultsThe survey was completed by 171 patients (mean age = 70 years, SD = 6.5) from all PC treatment pathways. Sixty-three percent of the respondents reported never having been informed about the potential benefits of exercise. Forty-nine percent preferred exercise to be supervised. Respondents generally reported a positive attitude towards exercise. Seventy-four percent indicated barriers to exercising, including fatigue and lack of access to specific programmes. Outcome expectations were generally positive but moderately strong. Receiving hormonal therapy and younger age were significantly associated with having received exercise advice. Being insured and having higher fatigue levels contributed significantly to the preference for supervised exercise.ConclusionDutch people with PC report receiving insufficient effective exercise counselling. Yet, they are open to exercise and expect exercise to improve their health, although they experience various barriers that limit their ability to exercise.Implications for Cancer SurvivorsThe moderate outcome expectations for exercise of people with PC and their limited recall of exercise counselling highlight the need for better integration of exercise in clinical pathways. The lack of access to specific programming limits the use of evidence-based exercise programmes for people with PC.
MULTIFILE
