In case of a major cyber incident, organizations usually rely on external providers of Cyber Incident Response (CIR) services. CIR consultants operate in a dynamic and constantly changing environment in which they must actively engage in information management and problem solving while adapting to complex circumstances. In this challenging environment CIR consultants need to make critical decisions about what to advise clients that are impacted by a major cyber incident. Despite its relevance, CIR decision making is an understudied topic. The objective of this preliminary investigation is therefore to understand what decision-making strategies experienced CIR consultants use during challenging incidents and to offer suggestions for training and decision-aiding. A general understanding of operational decision making under pressure, uncertainty, and high stakes was established by reviewing the body of knowledge known as Naturalistic Decision Making (NDM). The general conclusion of NDM research is that experts usually make adequate decisions based on (fast) recognition of the situation and applying the most obvious (default) response pattern that has worked in similar situations in the past. In exceptional situations, however, this way of recognition-primed decision-making results in suboptimal decisions as experts are likely to miss conflicting cues once the situation is quickly recognized under pressure. Understanding the default response pattern and the rare occasions in which this response pattern could be ineffective is therefore key for improving and aiding cyber incident response decision making. Therefore, we interviewed six experienced CIR consultants and used the critical decision method (CDM) to learn how they made decisions under challenging conditions. The main conclusion is that the default response pattern for CIR consultants during cyber breaches is to reduce uncertainty as much as possible by gathering and investigating data and thus delay decision making about eradication until the investigation is completed. According to the respondents, this strategy usually works well and provides the most assurance that the threat actor can be completely removed from the network. However, the majority of respondents could recall at least one case in which this strategy (in hindsight) resulted in unnecessary theft of data or damage. Interestingly, this finding is strikingly different from other operational decision-making domains such as the military, police and fire service in which there is a general tendency to act rapidly instead of searching for more information. The main advice is that training and decision aiding of (novice) cyber incident responders should be aimed at the following: (a) make cyber incident responders aware of how recognition-primed decision making works; (b) discuss the default response strategy that typically works well in several scenarios; (c) explain the exception and how the exception can be recognized; (d) provide alternative response strategies that work better in exceptional situations.
A major challenge for disaster scholars and policymakers is to understand the power dimension in response networks, particularly relating to collaboration and coordination. We propose a conceptual framework to study interests and negotiations in and between various civic and professional, response networks drawing on the concepts of “programming” and “switching” proposed by Manuel Castells in his work on the network society. Programming in disaster response refers to the ability to constitute response networks and to program/reprogram them in terms of the goals assigned to the network. Switching is the ability to connect different net-works by sharing common goals and combining resources. We employ these concepts to understand how the US Federal Emergency Management Agency organized its response in the aftermath of Hurricanes Katrina and Sandy. Our conceptual framework can be used both by disaster scholars and policymakers to understand how networked power is constructed and utilized.
Background: There is an increase in the number of frail elderly patients presenting to the emergency department. Diagnosis and treatment for this patient group is challenging due to multimorbidity, a-typical presentation and polypharmacy and requires specialised knowledge and competencies from healthcare professionals. We aim to explore the needs and preferences regarding emergency care in frail older patients based on their experiences with received care during Emergency Department admission. Method: A qualitative study design was used, and semi-structured interviews were conducted after discharge with twelve frail older patients admitted to emergency departments in the Netherlands. Data collection and analysis were performed iteratively, and data were thematically analysed. Results: The analysis enfolded the following themes; feeling disrupted, expecting to be cared for, suppressing their needs and wanting to be seen. These themes indicated a need for situational awareness by healthcare professionals when taking care of the participants and were influenced by the participants' life experiences. Conclusion: Frail older patients feel disrupted when admitted to the emergency department. Because of this, they expect to be cared for, lessen their own needs and want to be seen as human beings. The impact of the admission is influenced by the extent to which healthcare professionals show situational awareness.
Nederland kent ongeveer 220.000 bedrijfsongevallen per jaar (met 60 mensen die overlijden). Vandaar dat elke werkgever verplicht is om bedrijfshulpverlening (BHV) te organiseren, waaronder BHV-trainingen. Desondanks brengt slechts een-derde van alle bedrijven de arbeidsrisico’s in kaart via een Risico-Inventarisatie & Evaluatie (RI&E) en blijft het aandeel werknemers met een arbeidsongeval hoog. Daarom wordt er continu geïnnoveerd om BHV-trainingen te optimaliseren, o.a. door middel van Virtual Reality (VR). VR is niet nieuw, maar is wel doorontwikkeld en betaalbaarder geworden. VR biedt de mogelijkheid om veilige realistische BHV-noodsimulaties te ontwikkelen waarbij de cursist het gevoel heeft daar echt te zijn. Ondanks de toename in VR-BHV-trainingen, is er weinig onderzoek gedaan naar het effect van VR in BHV-trainingen en zijn resultaten tegenstrijdig. Daarnaast zijn er nieuwe technologische ontwikkelingen die het mogelijk maken om kijkgedrag te meten in VR m.b.v. Eye-Tracking. Tijdens een BHV-training kan met Eye-Tracking gemeten worden hoe een instructie wordt opgevolgd, of cursisten worden afgeleid en belangrijke elementen (gevaar en oplossingen) waarnemen tijdens de simulatie. Echter, een BHV-training met VR en Eye-Tracking (interacties) bestaat niet. In dit project wordt een prototype ontwikkeld waarin Eye-Tracking wordt verwerkt in een 2021 ontwikkelde VR-BHV-training, waarin noodsituaties zoals een kantoorbrand worden gesimuleerd (de BHVR-toepassing). Door middel van een experiment zal het prototype getest worden om zo voor een deel de vraag te beantwoorden in hoeverre en op welke manier Eye-Tracking in VR een meerwaarde biedt voor (RI&E) BHV-trainingen. Dit project sluit daarmee aan op het missie-gedreven innovatiebeleid ‘De Veiligheidsprofessional’ en helpt het MKB dat vaak middelen en kennis ontbreekt voor onderzoek naar effectiviteit rondom innovatieve-technologieën in educatie/training. Het project levert onder meer een prototype op, een productie-rapport en onderzoeks-artikel, en staat open voor nieuwe deelnemers bij het schrijven van een grotere aanvraag rondom de toepassing en effect van VR en Eye-Tracking in BHV-trainingen.
The Netherlands has approximately 220,000 industrial accidents per year (with 60 people who die). That is why every employer is obliged to organize company emergency response (BHV), including emergency response training. Despite this, only one-third of all companies map out their occupational risks via a Risk Inventory & Evaluation (RI&E) and the share of employees with an occupational accident remains high. That is why there is continuous innovation to optimize emergency response training, for example by means of Virtual Reality (VR). VR is not new, but it has evolved and become more affordable. VR offers the possibility to develop safe realistic emergency response simulations where the student has the feeling that they are really there. Despite the increase in VR-BHV training, little research has been done on the effect of VR in ER training and results are contradictory. In addition, there are new technological developments that make it possible to measure viewing behavior in VR using Eye-Tracking. During an emergency response training, Eye-Tracking can be used to measure how an instruction is followed, whether students are distracted and observe important elements (danger and solutions) during the simulation. However, emergency response training with VR and Eye-Tracking (interactions) does not exist. In this project, a prototype is being developed in which Eye-Tracking is incorporated into a VR-BHV training that was developed in 2021, in which emergency situations such as an office fire are simulated (the BHVR application). The prototype will be tested by means of an experiment in order to partly answer the question to what extent and in what way Eye-Tracking in VR offers added value for (RI&E) emergency response training. This project is therefore in line with the mission-driven innovation policy 'The Safety Professional' and helps SMEs that often lack resources and knowledge for research into the effectiveness of innovative technologies in education/training. The project will include a prototype, a production report and research article, and is open to new participants when writing a larger application about the application and effect of VR and Eye-Tracking in emergency response training.
Public safety is under enormous pressure. Demonstrations regularly result in riots and VIPs are often threatened even at their homes ! Criminal graffiti-gangs are threatening security professionals and costing the Dutch railways (NS), causing a loss of 10 M€ yearly. The safety incidents often escalate quickly, therefore, they require a very quick and correct scaling up of the security professionals. To do so, it is necessary for the security professionals to get very quick and accurate overview of the evolving situation using Mobile Drone intervention unit for quick response (Mobi Dick). The successfully completed project The Beast (9/11) has delivered a universal docking station with an automatic security drone. The drone takes off from a permanently installed docking station. Nest Fly emerged as a startup from this RAAK project, and it has already developed the prototype further to a first product. Based on extensive interaction with security professionals, it has been concluded that a permanently installed docking station is not suitable for all emergency cases. Therefore, a mobile, car-roof top mounted, docking station with a ready-for-take-off drone is required for the more severe and quickly escalating incidents. These situations require a drone taking off from the car-roof top mounted docking station while the vehicles continue to drive towards the incident. In this RAAK KIEM, a feasibility study will be executed by developing a car-roof top docking station. The concept will functionally be designed within the project (task 1). The two required subsystems car roof docking station (task 2) and dynamic take-off & landing (task 3) will technically be developed and integrated (task 4). The outcome of the experiments in this task will show the feasibly of the idea. Task 5 will ensure the results are disseminated in new cooperation’s, publications, and educational products.
