Cyber situation awareness in focus at CfSR’s first breakfast seminar
Last week, the Center for Security and Resilience (CfSR) at the Stockholm School of Economics hosted its first-ever Academic Insights Breakfast Seminar. The theme was cyber situation awareness - the ability of organizations to detect, interpret, and respond to digital threats, with Postdoc Fellow as keynote speaker.
Digitalization has transformed every sector of society. But as dependence on digital systems grows, so do the risks. Cyber situation awareness, or the ability to understand what's going on in the digital environment, is not only about technology. It also requires human judgment, collaboration, and the right organizational structures.
– Cybersecurity is not just about firewalls and software. It's also about people and processes, and how information flows within and between organizations, said Annika Andreasson, who recently defended her doctoral thesis on the topic.
Andreasson’s research shows that staff working with cybersecurity in the public sector often face challenges such as lack of access to relevant information, uneven resources across the public sector, and insufficient collaboration between different actors. These obstacles make it harder to build an understanding of ongoing the cyber environment - something that is crucial for both operational continuity and national resilience.
Annika Andreasson during her presentation. Photo: Edvin Landvik
Improving awareness through collaboration
How, then, can organizations strengthen their cyber situation awareness? According to Andreasson, one step is to establish better systems for sharing incident reports and threat intelligence at the national level. This would help individual organizations see their own situation in a broader context. Another is to tailor guidelines and common operational pictures to different roles, ensuring that staff across sectors have access to information relevant to their role.
– Building cyber resilience is a team effort. Organizations need to develop clear processes for how information is shared and used, and create a culture where learning from incidents is encouraged, said Andreasson.
The seminar highlighted how these challenges are not only relevant for IT departments, but for the resilience of society at large. As the Swedish Armed Forces put it in their Military Doctrine: “A prerequisite for a strong cyber defense is that all actors within the total defense have good information security and cybersecurity.”
The breakfast seminar was organized in collaboration with and marks the launch of a new format where the Center for Security and Resilience will invite researchers to share insights over breakfast discussions.
Participants engaging in discussion during the seminar. Photo: Edvin Landvik
