Institution news
Find out about their role and involvement with regards to the seminar, critical engineering challenges, what they are looking forward to at the event and why it is important for engineers to attend.
Q: What is your role and how does it relate to safety and risk management?
Sociotechnical Security Researcher (SSR): My role is Sociotechnical Security Researcher in the Sociotechnical Security Group at the National Cyber Security Centre. The remit of my research group is to enable better cyber security across the UK through multi-disciplinary research into people, technology and their interactions.
One of our main research foci is improving risk management – our primary focus is cyber security but many of our use cases (CNI, defence, transport, industry) have safety aspects and ensuring cyber security and safety risk management work together is critical.
My work is in the area of systems theoretic approaches to risk management which is one way in which we can bring together the risk management of safety and cyber security.
Q: What is the main challenge facing engineers and risk managers when applying and demonstrating ALARP?
SSR: From a cyber security perspective, the challenge is how to integrate cyber security with safety when they have traditionally been quite separate with different standards, approaches and processes. The challenge is how to bring them together in terms of approach and process but also culture and mindset.
Q: How has your approach to risk management changed in recent years?
SSR: Risk management in cyber security has evolved over recent years from one fairly standard approach (component driven) to a recognition that there needs to be different and varied approaches to risk management. In this, the safety world is ahead of where cyber security is, and there’s much we can learn from each other.
Q: What developments are going on in your industry which will change your approach in the future?
SSR: There are more and more contexts in which safety and cyber security are inextricably intertwined and it’s critical that our approaches to risk management for both works together. This will likely change how we manage risk for both safety and cyber security in the future.
Q: What will you be presenting at the ALARP 2019 seminar and how will this benefit participants?
SSR: I will be presenting on how systems theoretic approaches to risk management are beneficial for both cyber security and safety risk management, as it’s one approach that is able to bring the two together.
This type of approach may be new to participants and so introducing them to something different may be useful in their own industries and also challenge them to think about how they integrate safety and cyber security, and what they might need to do differently to fully consider cyber security together with safety.
Q: Which other speakers and presentations are you looking forward to hearing at the forthcoming seminar?
SSR: Nicola Fairburn on Human Factors and Keith Miller on WRA as a qualitative approach to demonstrating ALARP.
Q: Why is it important for engineers and safety practitioners to come together and share best practice?
SSR: It’s easy to become stuck in one way of doing things and opportunities such as this are essential for sharing experiences and refreshing your own thinking.
ALARP 2019 takes place on 12 September at the Crowne Plaza Birmingham City Centre.
Join this seminar to:
- Explore tools and frameworks required to deliver robust risk assessments and demonstrate ALARP
- Hear from specialists in safety and risk management including the Civil Aviation Authority, Sellafield Ltd, Office of Rail and Road, Atkins and HS2
- Receive guidance from regulators and legal experts to aid compliance and limit your exposure to risk
- Learn about the growing safety demands brought about by threats to cyber security with the National Cyber Security Centre
- Understand how automation will change the landscape for risk managers
- Hear case studies from medical device manufacturing, food processing and high-speed rail
- Share best practice in dedicated networking breaks; exchange experiences and benchmark your processes
To book your place, please visit www.imeche.org/alarp.