In case of a major cyber incident, organizations usually rely on external providers of Cyber Incident Response (CIR) services. CIR consultants operate in a dynamic and constantly changing environment in which they must actively engage in information management and problem solving while adapting to complex circumstances. In this challenging environment CIR consultants need to make critical decisions about what to advise clients that are impacted by a major cyber incident. Despite its relevance, CIR decision making is an understudied topic. The objective of this preliminary investigation is therefore to understand what decision-making strategies experienced CIR consultants use during challenging incidents and to offer suggestions for training and decision-aiding. A general understanding of operational decision making under pressure, uncertainty, and high stakes was established by reviewing the body of knowledge known as Naturalistic Decision Making (NDM). The general conclusion of NDM research is that experts usually make adequate decisions based on (fast) recognition of the situation and applying the most obvious (default) response pattern that has worked in similar situations in the past. In exceptional situations, however, this way of recognition-primed decision-making results in suboptimal decisions as experts are likely to miss conflicting cues once the situation is quickly recognized under pressure. Understanding the default response pattern and the rare occasions in which this response pattern could be ineffective is therefore key for improving and aiding cyber incident response decision making. Therefore, we interviewed six experienced CIR consultants and used the critical decision method (CDM) to learn how they made decisions under challenging conditions. The main conclusion is that the default response pattern for CIR consultants during cyber breaches is to reduce uncertainty as much as possible by gathering and investigating data and thus delay decision making about eradication until the investigation is completed. According to the respondents, this strategy usually works well and provides the most assurance that the threat actor can be completely removed from the network. However, the majority of respondents could recall at least one case in which this strategy (in hindsight) resulted in unnecessary theft of data or damage. Interestingly, this finding is strikingly different from other operational decision-making domains such as the military, police and fire service in which there is a general tendency to act rapidly instead of searching for more information. The main advice is that training and decision aiding of (novice) cyber incident responders should be aimed at the following: (a) make cyber incident responders aware of how recognition-primed decision making works; (b) discuss the default response strategy that typically works well in several scenarios; (c) explain the exception and how the exception can be recognized; (d) provide alternative response strategies that work better in exceptional situations.
DOCUMENT
The literature on how organizations respond to institutional pressure has shown that the individual decision-makers’ interpretation of institutional pressure played an important role in developing organizational responses. However, it has paid less attention to how this interpretation ultimately contributes to their range of organizational decisions when responding to the same institutional pressure. We address this gap by interviewing board members of U.S. and Dutch hospitals involved in adopting best practices regarding board evaluation. We found four qualitatively different cognitive frames that board members relied on to interpret institutional pressure, and which shaped their organizational response. We contribute to the literature on organizational response to institutional pressure by empirically investigating how decision-makers interpret institutional pressure, by suggesting prior experience and role definition as moderating factors of multidimensional cognitive frames, and by showing how these cognitive frames influence board members’ response to the same institutional pressure.
DOCUMENT
A culture change within an organization may be of importance in this turbulent world. An assessment of the current and desired cultural profiles can help estimate as to whether any changes are required. In this study the organizational culture of a housing association was examined from both the staff’s and external stakeholders’ perspectives. How does the current culture compare with the desired culture? Do the external stakeholders perceive the organization’s culture in a similar way? Do the staff’s and external stakeholders’ perceptions coincide with the organization’s intended image? The results demonstrate that the external stakeholders’ perceptions of the organizational culture in this case study are similar to those of the organization’s staff.
DOCUMENT
The IMPULS-2020 project DIGIREAL (BUas, 2021) aims to significantly strengthen BUAS’ Research and Development (R&D) on Digital Realities for the benefit of innovation in our sectoral industries. The project will furthermore help BUas to position itself in the emerging innovation ecosystems on Human Interaction, AI and Interactive Technologies. The pandemic has had a tremendous negative impact on BUas industrial sectors of research: Tourism, Leisure and Events, Hospitality and Facility, Built Environment and Logistics. Our partner industries are in great need of innovative responses to the crises. Data, AI combined with Interactive and Immersive Technologies (Games, VR/AR) can provide a partial solution, in line with the key-enabling technologies of the Smart Industry agenda. DIGIREAL builds upon our well-established expertise and capacity in entertainment and serious games and digital media (VR/AR). It furthermore strengthens our initial plans to venture into Data and Applied AI. Digital Realities offer great opportunities for sectoral industry research and innovation, such as experience measurement in Leisure and Hospitality, data-driven decision-making for (sustainable) tourism, geo-data simulations for Logistics and Digital Twins for Spatial Planning. Although BUas already has successful R&D projects in these areas, the synergy can and should significantly be improved. We propose a coherent one-year Impuls funded package to develop (in 2021): 1. A multi-year R&D program on Digital Realities, that leads to, 2. Strategic R&D proposals, in particular a SPRONG/sleuteltechnologie proposal; 3. Partnerships in the regional and national innovation ecosystem, in particular Mind Labs and Data Development Lab (DDL); 4. A shared Digital Realities Lab infrastructure, in particular hardware/software/peopleware for Augmented and Mixed Reality; 5. Leadership, support and operational capacity to achieve and support the above. The proposal presents a work program and management structure, with external partners in an advisory role.
Performance feedback is an important mechanism of adaptation in learning theories, as it provides one of the motivations for organizations to learn (Pettit, Crossan, and Vera 2017). Embedded in the behavioral theory of the firm, organizational learning from performance feedback predicts the probability for organizations to change with an emphasis on organizational aspirations, which serve as a threshold against which absolute performance is evaluated (Cyert and March 1963; Greve 2003). It postulates that performance becomes a ‘problem’, or the trigger to search for alternative procedures, strategies, products and behaviors, when performance is below that threshold. This search is known as problemistic search. Missing from this body of research, is empirically grounded understanding if the characteristics of performance feedback over time matter for the triggering function of the feedback. I explore this gap. This investigation adds temporality as a dimension of the performance feedback concept guided by a worldview of ongoing change and flux where conditions and choices are not given, but made relevant by actors and enacted upon (Tsoukas and Chia 2002). The general aim of the study is to complement the current knowledge of performance feedback as a trigger for problemistic search with an explicit process temporal approach. The main question guiding this project is how temporal patterns of performance feedback influence organizational change, which I answer in four chapters, each zooming into one sub-question.First, I focus on the temporal order of performance feedback by examining performance feedback and change sequences organizations go through. In this section time is under study and the goal is to explore how feedback patterns have evolved over time, just as the change states organizations pass through. Second, I focus on the plurality of performance feedback by investigating performance feedback from multiple aspiration levels (i.e. multiple qualitatively different metrics and multiple reference points) and how over time clusters of performance feedback sequences have evolved. Next, I look into the rate and scope of change relative to performance feedback sequences and add an element of signal strength to the feedback. In the last chapter, time is a predictor (in the sequences), and, it is under study (in the timing of responses). I focus on the timing of organizational responses in relation to performance feedback sequences of multiple metrics and reference points.In sum, all chapters are guided by the timing problem of performance feedback, meaning that performance feedback does not come ‘available’ at a single point in time. Similarly to stones with unequal weight dropped in the river, performance feedback with different strength comes available at multiple points in time and it is plausible that sometimes it is considered by decision-makers as problematic and sometimes it is not, because of the sequence it is part of. Overall, the investigation is grounded in the general principles of organizational learning from performance feedback, and the concept of time as duration, sequences and timing, with a focus on specification of when things happen. The context of the study is universities of applied sciences and hotels in The Netherlands. Project partner: Tilburg University, School of Social and Behavioral Sciences, Department of Organization Studies
