Unpacking the Complex Socio-Technical Systems Assemblages in Cybersecurity

Abstract

The ensuing digital transformation means that cybersecurity solutioning increasingly occurs in the context of complex intractable socio-technical systems comprising non-technical elements, including human, social, and societal factors. These evolving cybersecurity ecosystem dynamics, at the confluence of cyber-physical-social spaces, present several challenges to techno-centric cybersecurity solutions including for risk assessment, threat modelling, and incident analysis. This paper unpacks the complexity of the cybersecurity domain and illustrates the associated socio-technical systems assemblages through a case study and situational analysis of a cybersecurity incident. It then reviews socio-technical systems analysis approaches from the safety management domain and discusses the alignment with and relevance for cybersecurity. The utility of these approaches is demonstrated by applying the functional resonance analysis method to the said cybersecurity incident. The situational analysis surfaces the diverse set of factors, including human, non-human, cultural, economic, institutional, and global, that directly played a role in the unfolding of the incident, and which need to be considered in risk assessment and incident analysis. Further, analysing the incident through the functional resonance analysis method shows the functional dependencies and cascade of performance variability between the different elements in this situation, which goes beyond simple, root-cause, linear causality, and purely technical explanations. Overall, the paper explicates the need for cybersecurity risk assessment and incident analysis that is commensurate with the complexity of underlying socio-technical cyber systems.