Cyber Security Culture: Counteracting Cyber Threats through Organizational Learning and Training

  • 3h 51m
  • David Upton, Peter Trim
  • Ashgate Publishing
  • 2013

Focusing on countermeasures against orchestrated cyber-attacks, Cyber Security Culture is research-based and reinforced with insights from experts who do not normally release information into the public arena. It will enable managers of organizations across different industrial sectors and government agencies to better understand how organizational learning and training can be utilized to develop a culture that ultimately protects an organization from attacks. Peter Trim and David Upton believe that the speed and complexity of cyber-attacks demand a different approach to security management, including scenario-based planning and training, to supplement security policies and technical protection systems.

The authors provide in-depth understanding of how organizational learning can produce cultural change addressing the behaviour of individuals, as well as machines. They provide information to help managers form policy to prevent cyber intrusions, to put robust security systems and procedures in place and to arrange appropriate training interventions such as table top exercises. Guidance embracing current and future threats and addressing issues such as social engineering is included.

Although the work is embedded in a theoretical framework, non-technical staff will find the book of practical use because it renders highly technical subjects accessible and links firmly with areas beyond ICT, such as human resource management - in relation to bridging the education/training divide and allowing organizational learning to be embraced. This book will interest Government officials, policy advisors, law enforcement officers and senior managers within companies, as well as academics and students in a range of disciplines including management and computer science.

About the Authors

Peter Trim PhD is a Senior Lecturer in Management and Director of the Centre for Advanced Management and Interdisciplinary Studies (CAMIS) at Birkbeck College, University of London. He holds degrees from various institutions including City University, Cranfield Institute of Technology and Cambridge University. During his academic career he has taught a range of Marketing and Management courses in France, Hong Kong, the Netherlands and the UK. He has published widely in a number of areas including Strategic Marketing, Industrial Marketing, Management Education, Corporate Intelligence, Corporate Security and National Security; and was co-editor, with Jack Caravelli, of Strategizing Resilience and Reducing Vulnerability, which was published by Nova Science Publishers Inc. in 2009.

Dr Trim has worked in several industries and has participated in a number of academic, government and industry workshops, both in the UK and abroad. He is a member of a number of professional associations and was previously Chairman of the Society for the Advancement of Games and Simulations in Education and Training (SAGSET). He has also been involved in another research project under the Network Security – Information Infrastructure Protection programme, funded jointly by the Technology Strategy Board and SEEDA (South East England Development Agency).

David Upton is a Director of Stirling Reid Limited, a specialized consultancy company based in London, which has organized emergency response exercises in all continents and many industrial sectors. These have covered business continuity issues, industrial emergency response, and top-level crisis management. Stirling Reid Limited's clients include government organizations, agencies, utility companies, oil, gas, pharmaceutical, shipping and transportation companies. He is the author of various publications including 'Large emergency-response exercises: Qualitative characteristics – A survey' (Lee, Y-I., Trim, P.R.J., Upton, J. and Upton, D. (2009). Simulation & Gaming: An International Journal of Theory, Practice and Research, 40 (6), 726–51).

David is a member of the National Council of the Society of Industrial Emergency Services officers (SIESO), the Emergency Planning Society, and the Institute of Energy. A graduate of Cambridge University, he also studied at London Business School. He was formerly in the British Diplomatic Service, where he served in British Embassies in South Africa, Iran and Australia, and was also a Foreign Office Spokesman dealing with the world's media. He is fascinated by the whole question of simulation and the representation of reality, about which he maintains a weblog.

In this Book

  • Introduction and Background to the Research
  • Social Engineering
  • Organizational Issues Relating to Critical Information Infrastructure Protection
  • Protecting Critical Information Infrastructure: Issues and Considerations
  • Critical Information Infrastructure: Methods of Conceptualizing Interdependencies that No One Person Fully Understands
  • Insights into Organizational Learning
  • Critical Information Infrastructure Road Map
  • The Learning Organization and Managing Change
  • Devising an Effective Counter Threat Strategy


Rating 4.3 of 1192 users Rating 4.3 of 1192 users (1192)
Rating 4.6 of 29 users Rating 4.6 of 29 users (29)