Engineering resilience to human threats

Speaking at the first Preparing London for Change Lecture, three experts set out how the industry can become more resilient to human threats.

Civil engineers must consider terrorism and cyber-attacks when designing infrastructure and buildings, three experts have told ICE members.

Speaking at the first Preparing London for Change Lecture on 27 March, the three speakers looked at human threats to London's core systems, considering how the construction sector can prevent and mitigate the damage caused by these threats.

Garreth Dent from Paratum, the first speaker of the evening, told attendees how risk can be designed out of infrastructure projects by considering potential terrorist events.

By looking at how an attack could take place, engineers can design public areas and infrastructure hotspots to make it easier for the authorities and harder for the terrorists to act. Modelling these scenarios and adding certain design features can help dissuade terrorists from attacking the location and can save lives if they do.

Garreth also looked at new and emerging ways of protecting infrastructure, such as using materials that can absorb blasts or mechanisms to block vehicles being used in an attack.

Nathan Jones from Turner and Townsend covered the different ways that organisations can come under attack from cyberspace, exploring how criminals can steal data, blackmail or hold to ransom businesses by hacking into their online systems.

Nathan also looked at the growing number of large organisations that have publicly reported being hacked and the increasing dangers from smart infrastructure systems using sensors and big data. His answer was not to avoid these new technologies, but for civil engineers to become more aware of the vulnerabilities and how cyber-attacks can be avoided.

He highlighted that cyber-attacks come in many forms, from governments to a teenager sitting in his living room. One particular form of cyber-attack which is becoming more prevalent is from disgruntled employees hacking their company's system.

Amanda Widdowson from Thales concluded the lecture by examining the human factors related to cyber-attacks, where errors by people installing or operating digital infrastructure opens up vulnerabilities in the system.

Incidents include the use of tailgating to get access to a building or not changing network passwords from their default settings. Sensitive information can also be leaked from unsuspecting employees who speak on the phone in public areas or who are active on social media.

Amanda was clear that blaming employees for such incidents can lead to future incidents not being reported. Instead, there are actions organisations can take to reduce the risk of human-related cyber security incidents.

This article was originally published here on 4 April 2017 by ICE. It was written by Max Sugerman.

--The Institution of Civil Engineers

[edit] Related articles on Designing Buildings Wiki

• Articles by ICE on Designing Buildings Wiki.
• Buildings that help rebuild lives and communities.
• Business resilience.
• Critical infrastructure is more vulnerable than ever. It doesn’t have to be that way.
• Cyber threats to building automation and control systems.
• Designing resilient cities: a guide to good practice (EP 103).
• Digital communications and infrastructure dependencies.
• Infrastructure and cyber attacks.
• Resilience.
• Security and the built environment.