Cyber Crime and Cyber Terrorism

Download 5,67 Mb.

Pdf ko'rish

bet	51/283
Sana	19.05.2022
Hajmi	5,67 Mb.
	#604880

1 ... 47 48 49 50 51 52 53 54 ... 283

Bog'liq
Cyber crime and cyber terrorism investigators handbook by Babak

BALANCING TECHNOLOGICAL AND HUMAN CAPABILITIES

47

Balancing technological and human capabilities
User-centered approaches have been applied in research areas as wide as health-
care, product design, human-computer interaction and, more recently, security and
counter-terrorism (
Saikayasit et al., 2012; Stedmon et al., 2013
). A common aim
is the effective capture information from the user’s perspective so that system re-
quirements can then be designed to support what the user needs within specified
contexts of use (
Wilson, 1995
). Requirements elicitation is characterized by exten-
sive communication activities between a wide range of people from different back-
grounds and knowledge areas, including end-users, stakeholders, project owners or
champions, mediators (often the role of the human factors experts) and developers
(
Coughlan and Macredie, 2002
). This is an interactive and participatory process that
should allow users to express their own local knowledge and for designers to display
their understanding, to ensure a common design base (
McNeese et al., 1995; Wilson,
1995
). End-users are often experts in their specific work areas and possess deep
levels of knowledge gained over time that is often difficult to communicate to others
(
Blandford and Rugg, 2002; Friedrich and van der Pool, 2007
). Users often do not re-
alize what information is valuable to investigations and the development of solutions
or the extent to which their knowledge and expertise might inform and influence the
way they work (
Nuseibeh and Easterbrook, 2000
).
BALANCING TECHNOLOGICAL AND HUMAN CAPABILITIES
Within cyber-security it can be extremely difficult to capture user requirements.
Bearing in mind the earlier cyber-security issues, it is often a challenge to identify
and reach out to the users that are of key interest for any investigation. For example,
where user trust has been breached (e.g., through a social networking site, or some
form of phishing attack) users may feel embarrassed, guilty for paying funds to a
bogus provider, and may not want to draw attention to themselves. In many ways
this can be similar for larger corporations who may be targeted by fraudsters using
identity theft tactics to pose as legitimate clients. Whilst safeguards are in place to
support the user-interaction and enhance the user-experience, it is important to make
sure these meet the expectations of the users for which they are intended.
In real world contexts, many aspects of security and threat identification in public
spaces still rely upon the performance of frontline security personnel. However this
responsibility often rests on the shoulder of workers who are low paid, poorly mo-
tivated and lack higher levels of education and training (
Hancock and Hart, 2002
).
Real-world security solutions attempt to embody complex, user-centered, socio-
technical systems in which many different users interact at different organizational
levels to deliver technology focused security capabilities.
From a macro-ergonomics perspective it is possible to explore how the systemic
factors contribute to the success of cyber-security initiatives and where gaps may ex-
ist. This approach takes a holistic view of security, by establishing the socio- technical
entities that influence systemic performance in terms of integrity, credibility, and
performance (
Kleiner, 2006
). Within this perspective it is also important to consider

Download 5,67 Mb.

Do'stlaringiz bilan baham:

1 ... 47 48 49 50 51 52 53 54 ... 283