Escrito por estudiantes que aprobaron Inmediatamente disponible después del pago Leer en línea o como PDF ¿Documento equivocado? Cámbialo gratis 4,6 TrustPilot
logo-home
Notas de lectura

Cyber Crisis Management and Resilience Lecture Notes (Lectures 1-12) - GRADE 8,0

Puntuación
-
Vendido
1
Páginas
45
Subido en
24-03-2025
Escrito en
2024/2025

Notes on the lectures & video materials from the course (2025) Cyber Crisis Management and Resilience. INCLUDES notes from lectures 1-12 (Total: 45 pages).

Institución
Grado

Vista previa del contenido

Notes on the lectures & video materials from the course (2025) Cyber Crisis Management and
Resilience. INCLUDES notes from lectures 1-12 (Total: 45 pages).


Cyber Crisis Management and Resilience Lecture Notes (Lectures
1-12)


Table of Contents

Lectures​ 1

Lecture 1: Introduction to Cyber Crises​ 1

Lecture 2: Crisis Management 101 (Chiara Anfuso)​ 3

Lecture 3: How do cyber crises affect us?​ 6

Lecture 4: The Human Cost of Cyber Incidents​ 9

Lecture 5: Regulatory Frameworks for Cyber Crisis Management in the European Union​
13

Lecture 6: Organisational Preparedness for Cyber Incidents​ 18

Lecture 7: Fragmentation - Integration & Communication (Parto Mirzaei)​ 20

Lecture 8: Detection & Response to Cyber Crises​ 24

Lecture 9: Decision-Making & Meaning-Making in Cyber Crisis Management​ 28

Lecture 10: Cyber Crisis Communication​ 32

Lecture 11: Learning from Cyber Crises (Dr Jason R.C. Nurse)​ 33

Lecture 12: Toward Resilience – Accountability & Learning from Cyber Crises​ 34

Video Materials​ 39

Video 1: Qualitative & Quantitative Data Analysis​ 39

Video 2: Content Analysis​ 40

Video 3: Descriptive Analysis of Quantitative Data​ 41

Video 4: Mean, Variance & Standard Deviation​ 42

Video 5: Parametric & Non-Paramatric Test Analysis​ 42

, 1


Lectures

Lecture 1: Introduction to Cyber Crises
Definitions
Crisis: When a group, organisation or community experiences “a Key components (based on
serious threat to the basic structures or the fundamental values and PERCEPTION):
1.​ Threat to values.
norms of a system, which under time pressures & highly uncertain
2.​ Sense of urgency.
circumstances necessitates making vital decisions.” 3.​ Uncertainty & ambiguity.
➔​ Moment when decisions can be made (“distinguish, choose, decide”) about the problem at
hand (to avoid it becoming a disaster). It is NOT a disaster (i.e when things go wrong)
➔​ Crises are about perceptions as labels put on an event (NOT objective).
◆​ COVID-19 = perceived as a crisis.
◆​ Climate change = NOT perceived as a crisis (despite being framed as one).

Cyber Incident: An event that causes damage to data, systems &/or networks; & people their
possessions or things they consider valuable. Can be intentional or accidental.
➔​ Important aspect = mean/target is digital technology.
➔​ 2 separate concepts that are increasingly intertwined:
◆​ Crisis = perception of a situation as threatening, urgent & uncertain (e.g. 2024
Valencia floods).
◆​ Cyber incident = event that affects us through/in cyberspace (e.g. 2024 CrowdStrike
incident).

Cyber Crisis: When a social system (e.g. community, organisation, policy sector, country, region)
experiences an urgent threat to its basic structures or fundamental values, which harbors many
‘unknowns’ & appears to require far-reaching response. The mean &/or the target is digital
technology.
➔​ A window of time from t1 (perception of a serious cyber threat) to t2 (finished with
perception) to decide (focus on decision-making).
➔​ In practice, it exceeds the social system’s social system & threatens reputation.
➔​ Risks reputational damage, with escalation & cascading effects (difficult to predict).
➔​ Requires public & stakeholder communication.
➔​ Most common cyber crises:
◆​ Data Breaches: When attackers enter the system & leak/publish the data. Risks
reputational damage. Difficult to detect intrusions & when attackers have been
removed from the system
◆​ Ransomeware: Malware that once installed encrypts the data demanding a ransom
to decrypt the data (e.g. phishing, infiltration). Commonly used today where
companies are largely online. It demands instant decision-making.
◆​ Distributed Denial-of-Service (DDoS) Attack: Overloads the system, preventing
access to it.
◆​ Poisoning Attack: Growing attack against AI & large-language models, where
attackers enter false data to skew & influence results.

, 2




Means

NO Cyberspace Cyberspace

NO Traditional crisis (e.g. 2024 Valencia Cyber-enabled crisis (e.g. data breach,
Cyberspace floods). fraud affecting individuals/things
outside the cyber realm).
Harms
Cyberspace Cyber-targeted crisis through Cyber-dependent crisis (e.g. DDOS
non-cyber means (e.g. targeting attack, critical infrastructure attack).
internet connection tubes/wires).


Analytical dimensions:
1.​ Public vs. private
●​ Public = influences society & public interests (2017 WannaCry ransomware attacks).
●​ Private = affects individuals & subjects within 1 organisation (2022 ICRC data breach).
2.​ Incidental vs. intentional
◆​ Incidental = NO malicious aim (2024 CrowdStrike incident). Although blurred lines
(i.e. can be used as an opportunity for other attackers to strike).
◆​ Intentional = clear malicious & targeted intent (2016 NotPetya attack).
3.​ Operational vs. reputational
◆​ Operational = affecting a system’s operations (2024 CrowdStrike incident).
◆​ Reputational = influencing customer’s trust of the company (2018-2020 Vastaamo
data breach).
4.​ Harms IN vs. VIA cyberspace
◆​ Harms IN cyberspace (2016 NotPetya attack).
◆​ Harms VIA cyberspace = affecting knowledge &
trust in institutions (2016 US Presidential
Elections).
5.​ Localised vs. widespread
◆​ Localised = geographically-based at a specific
location (2019 Baltimore ransomware).
◆​ Widespread = worldwide impact (2017
WannaCry ransomware attacks).

Particularities different to traditional crises:
●​ Technical/technological complexity (difficulties for public understanding).
●​ Detection & visibility (typically remain undiscovered for a long time).
●​ Public perception (difficulties in public communication & understanding).
●​ Transboundary nature (widespread consequences).

Implications:
●​ Cyber crises are more complex & transboundary, less detectable & sharing more difficulties
in controlling public perception.

, 3


●​ Different expertise is required for preparation, detection & response (e.g. cybersecurity
training, Security Operation Centers, CERT/CSIRT, forensic/threat intelligence teams).
●​ Difficulties obtaining a shared situation awareness that leads to good decision-making.
●​ Communication strategies must be adapted & well-explained if action is needed.
●​ Coordination between different organisations & states.



Lecture 2: Crisis Management 101 (Chiara Anfuso)
Defining Crisis
How would you manage this situation? Is this scenario considered a crisis? Why/why not?

You are the Operations Manager for a regional hospital located Managing this situation:
in Dixham, a city along the coast. A severe storm is expected to ●​ Classifying it as a crisis (trigger
hit in the next 24 hours. Weather experts have warned that responses).
there is a medium to high possibility that the storm could
●​ House staff in the hospital.
intensify into a Category 4 or 5 hurricane, but its exact path &
impact remain unclear. Your hospital is one of the few medical ●​ Focus on emergency & urgent care.
facilities in the region that can provide emergency care & is ●​ Focus on pre- (before the hurricane
currently treating several at-risk patients. Local Authorities have hits) & post-crisis situations.
begun issuing warnings & advising the population to remain
home. You anticipate possible staff shortages & restrictions to
road access. Additionally, patients have started to reach out with
concerns about their safety.


Crisis (Rosenthal et al.): “A serious threat to the basic structures or fundamental values and norms of
a social system, which, under conditions of time pressure and very uncertain circumstances,
demands critical decision-making.”
➔​ Boin et al. = a crisis is a critical juncture (i.e. can change the way we approach it) in the life of
a system. Can be viewed as a:
○​ Crisis (occurs when damage happens).
○​ Window of opportunity = change something that does NOT currently work in
society, values & norms (i.e. climate change → more recycling).

Categorising crises:
●​ Basic locus of crisis:
○​ Internal = starts from within the organisations. Viewed from the outside as the fault
of the organisation (e.g. reputational damage).
○​ External = outside situations affecting the organisation (e.g. hurricane).
●​ Where the crisis hits:
○​ Transboundary = happening at the same time crossing boundaries, jurisdictions,
states, regions & legislations (e.g. Syrian refugee crisis starts locally, before
escalating).
○​ Cascading = more isolated domino effect (e.g. Fukushima disaster earthquake →
tsunami → nuclear accident).
●​ Perceived urgency:
○​ Short-term = days, weeks or months.

Escuela, estudio y materia

Institución
Estudio
Grado

Información del documento

Subido en
24 de marzo de 2025
Archivo actualizado en
4 de abril de 2025
Número de páginas
45
Escrito en
2024/2025
Tipo
NOTAS DE LECTURA
Profesor(es)
Dr. c. del real
Contiene
Lectures 1-12

Temas

$8.20
Accede al documento completo:

¿Documento equivocado? Cámbialo gratis Dentro de los 14 días posteriores a la compra y antes de descargarlo, puedes elegir otro documento. Puedes gastar el importe de nuevo.
Escrito por estudiantes que aprobaron
Inmediatamente disponible después del pago
Leer en línea o como PDF


Documento también disponible en un lote

Conoce al vendedor

Seller avatar
Los indicadores de reputación están sujetos a la cantidad de artículos vendidos por una tarifa y las reseñas que ha recibido por esos documentos. Hay tres niveles: Bronce, Plata y Oro. Cuanto mayor reputación, más podrás confiar en la calidad del trabajo del vendedor.
giacomoef Universiteit Leiden
Seguir Necesitas iniciar sesión para seguir a otros usuarios o asignaturas
Vendido
940
Miembro desde
4 año
Número de seguidores
285
Documentos
82
Última venta
1 mes hace
Leiden University - IRO & CSM Notes

Creating concise notes and study guides for the following Leiden University programmes: - International Relations and Organisations (BSc) - Crisis and Security Management (MSc) [Cyber Security Governance] *All the money made (except the 40% that Stuvia keeps) will be donated to MSF’s (Doctors Without Borders) Palestine fund.*

4.6

142 reseñas

5
104
4
26
3
7
2
2
1
3

Por qué los estudiantes eligen Stuvia

Creado por compañeros estudiantes, verificado por reseñas

Calidad en la que puedes confiar: escrito por estudiantes que aprobaron y evaluado por otros que han usado estos resúmenes.

¿No estás satisfecho? Elige otro documento

¡No te preocupes! Puedes elegir directamente otro documento que se ajuste mejor a lo que buscas.

Paga como quieras, empieza a estudiar al instante

Sin suscripción, sin compromisos. Paga como estés acostumbrado con tarjeta de crédito y descarga tu documento PDF inmediatamente.

Student with book image

“Comprado, descargado y aprobado. Así de fácil puede ser.”

Alisha Student

Preguntas frecuentes