|
Government organizations, businesses, and universities are increasingly adding Internet of Things (IoT) devices, such as room occupancy sensors, into their buildings. As these sensors are connected to the internet and networked to building technology (such as heating and lights), an attacker could shut down a building or steal sensitive information. While technical solutions exist, implementation of these solutions are impeded by the challenges that an organization's information technology (IT) staff and a building's operations and management (O&M) staff have when they fail to work closely together and share their knowledge about computer security and how buildings operate. These difficulties arise from different ways of working and different points of view about how technology works. This project addresses these challenges through studying two critical areas: (1) how O&M and IT currently share their knowledge and skills and work together to improve IoT security and (2) how public policies and an organization's own rules regarding privacy and security impact how IT and O&M collaborate. The results of this study will generate knowledge around how IT and O&M professionals can work better together to improve the security of our nation's buildings and offer insights into how public policy may affect professional cybersecurity collaboration.
This project will identify how legal and organizational policies and procedures interact with daily work practices to either support or limit how O&M and IT staff share their expertise and coordinate their work to collaborate on IoT security issues. The research team will conduct observations, interviews, and document analyses, first observing and interviewing IT and O&M staff on collaborative cybersecurity efforts in three U.S. universities and analyzing university documents related to IoT cybersecurity. The research team will concurrently conduct interviews with IT and O&M security experts from across the U.S. as well as create a set of comparative case studies of university O&M and IT IoT security efforts. This research will be followed by a final set of expert interviews. The research team will identify key methods that support IT and O&M collaboration and develop a theoretical model to provide a holistic view of how organization, policy, and practice interact and affect collaboration intended to keep IoT safe and secure. This research will also provide clear examples of how policies, procedures, and practices used in organizations today are supporting or impeding collaboration between IT and O&M professionals.
|
SaTC: CORE: Medium: Knowledge Work and Coordination to Improve O&M and IT Collaboration to Keep Our Buildings Smart AND Secure