PAULO HENRIQUE BIANCHI

PAULO HENRIQUE BIANCHI

Página do item completo

Resultados de Busca

Agora exibindo 1 - 4 de 4

Potential Organizational Behavior Management (OBM) contributions for raising Computer Security awareness and insider threat mitigation
2023 - BIANCHI, PAULO H.; PESSOA, CANDIDO V.B.B.; SILVA, ANTONIO T. e
Organizational Behavior Management (OBM) is a research field dedicated for developing processes to modify human behavior in organizational environment. It is derived from Behavior Analysis, a methodology for studying human behavior with three characteristics that enables research to be translated into applied technology: Quantification, variables can be quantified and standardized; Repetition, results are predictable in a degree of trustworthiness; and Verification, processes are described with sufficient details allowing its replication. For OBM, an organization applies Value Based Governance when it enables and reinforces employees to change their environment according to organizational values. Also, for OBM, Verbal Governance is the leadership’s capacity to verbally engage and motivate employees to comply with organizational rules and values. The IAEA NSS No. 42-G states that a security culture is an essential aspect of any nuclear security regime and Computer Security should be accounted when promoting security culture in nuclear facilities. In this work we will argue that Value Based Governance would mitigate insider threat, especially from disgruntled employees, and would also raise awareness when Computer Security is an important organizational value for leadership. Finally, we suggest an effective, evidence-based Verbal Governance technique able to promote Computer Security values in nuclear facilities.
A systemic approach to information and cyber security
2020 - LEMOS, F.L.; BIANCHI, P.H.
Design Based Threat, or DBT, is a common principle for physical and cyber protection, which is based on threat assessments. The protection, cyber or physical, will be planned based on the type of the identified threat. While we acknowledge the importance of the DBT, we argue that following this line of reasoning may limit our ability to grasp other vulnerabilities the system may have due to the following assumptions: a) The system will behave according to the way we think it should, based on a predetermined fashion. b) If each component of the system is reliable, then the system will be reliable. Systems theory assumes that accidents are a result of systemic factors, and does not have a single root-cause, generally a failure, that starts a chain of events leading to the accident. Moreover, systems theory assumes that security and safety are emergent properties of a system that result from the interactions between the components of that system. Therefore, accidents are a problem of control of the interactions between the components of the system rather than a problem of failures of components. In the systemic approach a cyber security system is treated as part of the whole socio-technical complex system, where humans are components of the system and interact with the computerized controls. The organizational culture permeates the entire system affecting decisions and, consequently, the interactions between the components. Weak safety and security cultures will eventually contribute for the system to migrate to hazardous states leading to losses or accidents. The paper analyzes the roles of organizational, safety and security cultures, as underlying factors that can lead to the deterioration of the hierarchical control structure, which is supposed to keep the interactions between the components of the system within desirable constraints.
Monitoring and operational support on nuclear power plants using an artificial intelligence system
2009 - BIANCHI, PAULO H.; BAPTISTA FILHO, BENEDITO D.
It governance in a research institute within the brazilian federal government
2011 - BIANCHI, PAULO H.; PALETTA, FRANCISCO C.