A Socio-Technical Approach to Cyber Risk Management and Impact Assessment

Andrew Blyth, Konstantinia Charitoudi

Research output: Contribution to journalArticlepeer-review


Technology is increasingly being used by organisations to mediate social/business relationships and social/business transactions. While traditional models of impact assessment have focused on the loss of confidentiality, integrity and availability, we propose a new model based upon socio-technical systems thinking that places the people and the technology within an organisation’s business/functional context. Thus in performing risk management in a cyber security and safety context, a detailed picture of the impact that a security/safety incident can have on an organisation is developed. This in turn stimulates a more holistic view of the effectiveness, and appropriateness, of a counter measure.
Original languageEnglish
JournalJournal of Information Security
Issue number01
Publication statusPublished - 1 Jan 2013


  • impact assessment
  • risk management
  • socio-technical systems


Dive into the research topics of 'A Socio-Technical Approach to Cyber Risk Management and Impact Assessment'. Together they form a unique fingerprint.

Cite this