{"id":"https://openalex.org/W4413371520","doi":"https://doi.org/10.1093/cybsec/tyaf019","title":"Learning from safety science: designing incident reporting systems in cybersecurity","display_name":"Learning from safety science: designing incident reporting systems in cybersecurity","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4413371520","doi":"https://doi.org/10.1093/cybsec/tyaf019"},"language":"en","primary_location":{"id":"doi:10.1093/cybsec/tyaf019","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyaf019","pdf_url":null,"source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1093/cybsec/tyaf019","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5006583404","display_name":"Nico Ebert","orcid":"https://orcid.org/0000-0002-9683-4792"},"institutions":[{"id":"https://openalex.org/I200744771","display_name":"ZHAW Zurich University of Applied Sciences","ror":null,"country_code":"CH","type":null,"lineage":["https://openalex.org/I200744771"]}],"countries":["CH"],"is_corresponding":true,"raw_author_name":"Nico Ebert","raw_affiliation_strings":["Institute of Business Information Technology ZHAW School of Management and Law, , Theaterstrasse 17, 8400 Winterthur,"],"raw_orcid":"https://orcid.org/0000-0002-9683-4792","affiliations":[{"raw_affiliation_string":"Institute of Business Information Technology ZHAW School of Management and Law, , Theaterstrasse 17, 8400 Winterthur,","institution_ids":["https://openalex.org/I200744771"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052207701","display_name":"Thierry Schaltegger","orcid":"https://orcid.org/0000-0002-6125-9169"},"institutions":[{"id":"https://openalex.org/I200744771","display_name":"ZHAW Zurich University of Applied Sciences","ror":null,"country_code":"CH","type":null,"lineage":["https://openalex.org/I200744771"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Thierry Schaltegger","raw_affiliation_strings":["Institute of Business Information Technology ZHAW School of Management and Law, , Theaterstrasse 17, 8400 Winterthur,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Business Information Technology ZHAW School of Management and Law, , Theaterstrasse 17, 8400 Winterthur,","institution_ids":["https://openalex.org/I200744771"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5033206743","display_name":"Benjamin Ambuehl","orcid":"https://orcid.org/0000-0003-2350-970X"},"institutions":[{"id":"https://openalex.org/I200744771","display_name":"ZHAW Zurich University of Applied Sciences","ror":null,"country_code":"CH","type":null,"lineage":["https://openalex.org/I200744771"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Benjamin Ambuehl","raw_affiliation_strings":["Institute of Business Information Technology ZHAW School of Management and Law, , Theaterstrasse 17, 8400 Winterthur,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Business Information Technology ZHAW School of Management and Law, , Theaterstrasse 17, 8400 Winterthur,","institution_ids":["https://openalex.org/I200744771"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5067756899","display_name":"Tim Geppert","orcid":"https://orcid.org/0000-0002-1444-0926"},"institutions":[{"id":"https://openalex.org/I200744771","display_name":"ZHAW Zurich University of Applied Sciences","ror":null,"country_code":"CH","type":null,"lineage":["https://openalex.org/I200744771"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Tim Geppert","raw_affiliation_strings":["Institute of Business Information Technology ZHAW School of Management and Law, , Theaterstrasse 17, 8400 Winterthur,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Business Information Technology ZHAW School of Management and Law, , Theaterstrasse 17, 8400 Winterthur,","institution_ids":["https://openalex.org/I200744771"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5094055283","display_name":"Ariane Trammell","orcid":null},"institutions":[{"id":"https://openalex.org/I200744771","display_name":"ZHAW Zurich University of Applied Sciences","ror":null,"country_code":"CH","type":null,"lineage":["https://openalex.org/I200744771"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Ariane Trammell","raw_affiliation_strings":["Institute of Computer Science ZHAW School of Engineering, , Steinberggasse 13, 8400 Winterthur,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"Institute of Computer Science ZHAW School of Engineering, , Steinberggasse 13, 8400 Winterthur,","institution_ids":["https://openalex.org/I200744771"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5062611983","display_name":"Melanie Knieps","orcid":"https://orcid.org/0000-0002-9192-6778"},"institutions":[{"id":"https://openalex.org/I4210100468","display_name":"University Hospital of Zurich","ror":"https://ror.org/01462r250","country_code":"CH","type":"funder","lineage":["https://openalex.org/I4210100468"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Melanie Knieps","raw_affiliation_strings":["University of Zurich Digital Society Initiative, , R\u00e4mistrasse 69, 8001 Zurich,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"University of Zurich Digital Society Initiative, , R\u00e4mistrasse 69, 8001 Zurich,","institution_ids":["https://openalex.org/I4210100468"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5042008708","display_name":"Verena Zimmermann","orcid":"https://orcid.org/0000-0002-6873-8146"},"institutions":[{"id":"https://openalex.org/I35440088","display_name":"ETH Zurich","ror":"https://ror.org/05a28rw58","country_code":"CH","type":"education","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"Verena Zimmermann","raw_affiliation_strings":["ETH Zurich Professorship for Security, Privacy and Society D-GESS, , Stampfenbachstrasse 69, 8006 Zurich,"],"raw_orcid":null,"affiliations":[{"raw_affiliation_string":"ETH Zurich Professorship for Security, Privacy and Society D-GESS, , Stampfenbachstrasse 69, 8006 Zurich,","institution_ids":["https://openalex.org/I35440088"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":7,"corresponding_author_ids":["https://openalex.org/A5006583404"],"corresponding_institution_ids":["https://openalex.org/I200744771"],"apc_list":{"value":1864,"currency":"USD","value_usd":1864},"apc_paid":{"value":1864,"currency":"USD","value_usd":1864},"fwci":8.7153,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.97537857,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":91,"max":99},"biblio":{"volume":"11","issue":"1","first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.9887999892234802,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12519","display_name":"Cybercrime and Law Enforcement Studies","score":0.9879000186920166,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6370387077331543},{"id":"https://openalex.org/keywords/incident-response","display_name":"Incident response","score":0.46361666917800903},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.3715140223503113},{"id":"https://openalex.org/keywords/engineering","display_name":"Engineering","score":0.350483238697052}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6370387077331543},{"id":"https://openalex.org/C2985105721","wikidata":"https://www.wikidata.org/wiki/Q13479512","display_name":"Incident response","level":2,"score":0.46361666917800903},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.3715140223503113},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.350483238697052}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1093/cybsec/tyaf019","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyaf019","pdf_url":null,"source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},{"id":"pmh:oai:digitalcollection.zhaw.ch:11475/33864","is_oa":true,"landing_page_url":"https://hdl.handle.net/11475/33864","pdf_url":null,"source":{"id":"https://openalex.org/S4306401810","display_name":"Z\u00fcrcher Hochschule f\u00fcr Angewandte Wissenschaften digital collection (Zurich University of Applied Sciences)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I200744771","host_organization_name":"ZHAW Zurich University of Applied Sciences","host_organization_lineage":["https://openalex.org/I200744771"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-nc-nd","license_id":"https://openalex.org/licenses/cc-by-nc-nd","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Text"}],"best_oa_location":{"id":"doi:10.1093/cybsec/tyaf019","is_oa":true,"landing_page_url":"https://doi.org/10.1093/cybsec/tyaf019","pdf_url":null,"source":{"id":"https://openalex.org/S2735156331","display_name":"Journal of Cybersecurity","issn_l":"2057-2085","issn":["2057-2085","2057-2093"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310311648","host_organization_name":"Oxford University Press","host_organization_lineage":["https://openalex.org/P4310311648","https://openalex.org/P4310311647"],"host_organization_lineage_names":["Oxford University Press","University of Oxford"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Cybersecurity","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G2857668949","display_name":null,"funder_award_id":"207550","funder_id":"https://openalex.org/F4320320924","funder_display_name":"Schweizerischer Nationalfonds zur F\u00f6rderung der Wissenschaftlichen Forschung"}],"funders":[{"id":"https://openalex.org/F4320320924","display_name":"Schweizerischer Nationalfonds zur F\u00f6rderung der Wissenschaftlichen Forschung","ror":"https://ror.org/00yjd3n13"}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":161,"referenced_works":["https://openalex.org/W56142911","https://openalex.org/W122320840","https://openalex.org/W123505613","https://openalex.org/W175991546","https://openalex.org/W186132531","https://openalex.org/W585431298","https://openalex.org/W1073815135","https://openalex.org/W1419672874","https://openalex.org/W1566168400","https://openalex.org/W1587856477","https://openalex.org/W1595833668","https://openalex.org/W1601804926","https://openalex.org/W1607548417","https://openalex.org/W1621268071","https://openalex.org/W1875243880","https://openalex.org/W1936622395","https://openalex.org/W1969990505","https://openalex.org/W1978988320","https://openalex.org/W1979290264","https://openalex.org/W1983252393","https://openalex.org/W1988423288","https://openalex.org/W1993580489","https://openalex.org/W1994604268","https://openalex.org/W2001606006","https://openalex.org/W2002356434","https://openalex.org/W2012331246","https://openalex.org/W2012545572","https://openalex.org/W2022014662","https://openalex.org/W2031828672","https://openalex.org/W2031999883","https://openalex.org/W2055127755","https://openalex.org/W2056012717","https://openalex.org/W2060275638","https://openalex.org/W2067397097","https://openalex.org/W2077121139","https://openalex.org/W2078635913","https://openalex.org/W2111628838","https://openalex.org/W2116544216","https://openalex.org/W2117405938","https://openalex.org/W2120530657","https://openalex.org/W2120710757","https://openalex.org/W2125258498","https://openalex.org/W2133865027","https://openalex.org/W2147113686","https://openalex.org/W2150029453","https://openalex.org/W2153449837","https://openalex.org/W2182899594","https://openalex.org/W2232493326","https://openalex.org/W2254667017","https://openalex.org/W2260718198","https://openalex.org/W2266520230","https://openalex.org/W2317771886","https://openalex.org/W2335573370","https://openalex.org/W2415957489","https://openalex.org/W2513931103","https://openalex.org/W2607209462","https://openalex.org/W2617416222","https://openalex.org/W2741206685","https://openalex.org/W2752770405","https://openalex.org/W2768328670","https://openalex.org/W2793461878","https://openalex.org/W2794421626","https://openalex.org/W2794716878","https://openalex.org/W2800771502","https://openalex.org/W2839935721","https://openalex.org/W2883808454","https://openalex.org/W2888478464","https://openalex.org/W2891129258","https://openalex.org/W2898413674","https://openalex.org/W2899804585","https://openalex.org/W2949643954","https://openalex.org/W2957517820","https://openalex.org/W2957665664","https://openalex.org/W2964956842","https://openalex.org/W2972007171","https://openalex.org/W2981908090","https://openalex.org/W2982205235","https://openalex.org/W3011777756","https://openalex.org/W3014776901","https://openalex.org/W3022494622","https://openalex.org/W3034673956","https://openalex.org/W3041006851","https://openalex.org/W3094457231","https://openalex.org/W3108159510","https://openalex.org/W3110276721","https://openalex.org/W3124351849","https://openalex.org/W3126896187","https://openalex.org/W3133205287","https://openalex.org/W3134754575","https://openalex.org/W3136122645","https://openalex.org/W3167817946","https://openalex.org/W3185512602","https://openalex.org/W3197038297","https://openalex.org/W3199256509","https://openalex.org/W3206561781","https://openalex.org/W3207647981","https://openalex.org/W3210168563","https://openalex.org/W3215934643","https://openalex.org/W4200579948","https://openalex.org/W4200618797","https://openalex.org/W4210415807","https://openalex.org/W4213292645","https://openalex.org/W4214675941","https://openalex.org/W4226281451","https://openalex.org/W4241099972","https://openalex.org/W4244496119","https://openalex.org/W4252460146","https://openalex.org/W4281645519","https://openalex.org/W4284895455","https://openalex.org/W4288057710","https://openalex.org/W4288066124","https://openalex.org/W4292348401","https://openalex.org/W4292807219","https://openalex.org/W4293193423","https://openalex.org/W4293312847","https://openalex.org/W4293771152","https://openalex.org/W4297399555","https://openalex.org/W4308764956","https://openalex.org/W4313380675","https://openalex.org/W4323966634","https://openalex.org/W4376463582","https://openalex.org/W4378594123","https://openalex.org/W4378639823","https://openalex.org/W4385562826","https://openalex.org/W4385764809","https://openalex.org/W4386002960","https://openalex.org/W4387628499","https://openalex.org/W4387628519","https://openalex.org/W4387849511","https://openalex.org/W4390869558","https://openalex.org/W4391880153","https://openalex.org/W4391904215","https://openalex.org/W4395663893","https://openalex.org/W4399866411","https://openalex.org/W4400644420","https://openalex.org/W4401263003","https://openalex.org/W4401575908","https://openalex.org/W4402264535","https://openalex.org/W4402781262","https://openalex.org/W4403719068","https://openalex.org/W4405745614","https://openalex.org/W4407075099","https://openalex.org/W4409665097","https://openalex.org/W6605016592","https://openalex.org/W6676235441","https://openalex.org/W6699585326","https://openalex.org/W6703307418","https://openalex.org/W6723473538","https://openalex.org/W6724780196","https://openalex.org/W6738199045","https://openalex.org/W6746507189","https://openalex.org/W6750902629","https://openalex.org/W6774991018","https://openalex.org/W6789361000","https://openalex.org/W6804090415","https://openalex.org/W6842286924","https://openalex.org/W6851054383","https://openalex.org/W6869839351","https://openalex.org/W6870516890","https://openalex.org/W6980284880","https://openalex.org/W7056150758"],"related_works":["https://openalex.org/W4391375266","https://openalex.org/W2899084033","https://openalex.org/W2748952813","https://openalex.org/W4251008024","https://openalex.org/W2170135113","https://openalex.org/W4403882784","https://openalex.org/W136373522","https://openalex.org/W1996967322","https://openalex.org/W4206206623","https://openalex.org/W1991606108"],"abstract_inverted_index":{"Abstract":[0],"Despite":[1],"all":[2,18],"the":[3,66,101],"technical":[4],"approaches":[5],"to":[6,65,69,72,79,87,183,213],"monitoring":[7],"threats":[8],"and":[9,39,56,127,157,204],"detecting":[10],"incidents,":[11],"manual":[12],"incident":[13,49],"reporting":[14,28,37,50,62,70,120,148,172,179],"is":[15,52,117],"critical":[16],"at":[17],"organizational":[19,124],"levels":[20,125],"of":[21,36,48,103,115,131,180],"cybersecurity.":[22],"However,":[23],"in":[24,58,169,211],"its":[25],"current":[26],"state,":[27],"suffers":[29],"from":[30,61,100,140],"challenges":[31,95],"such":[32,153,160,197],"as":[33,154,161,198],"underreporting,":[34],"lack":[35],"channels,":[38],"uncertainty":[40],"about":[41],"what":[42],"should":[43,206],"be":[44,175,207],"reported.":[45],"The":[46],"phenomenon":[47],"itself":[51],"not":[53],"clearly":[54],"defined":[55],"occurs":[57],"different":[59,123],"facets,":[60],"phishing":[63],"emails":[64],"IT":[67],"department":[68],"vulnerabilities":[71],"national":[73],"authorities.":[74],"This":[75,90],"makes":[76],"it":[77],"difficult":[78],"design":[80,129],"effective":[81],"socio-technical":[82],"incident-reporting":[83],"systems":[84],"(IRS)":[85],"according":[86],"overarching":[88],"principles.":[89],"review":[91],"article":[92],"addresses":[93],"these":[94,138],"by":[96],"drawing":[97],"on":[98,122,137],"insights":[99],"field":[102],"safety,":[104,141],"where":[105],"IRS":[106,133,193],"are":[107],"well-established.":[108],"We":[109,165],"find":[110],"that":[111,149,167],"a":[112,144],"broad":[113],"range":[114],"events":[116,182],"reported,":[118],"various":[119],"channels":[121,173],"exist,":[126],"key":[128],"factors":[130,196],"successful":[132],"have":[134],"emerged.":[135],"Based":[136],"lessons":[139],"we":[142],"propose":[143],"taxonomy":[145],"for":[146,178,188,194],"cybersecurity":[147,170],"includes":[150],"noncritical":[151,181],"events,":[152],"near":[155],"misses,":[156],"latent":[158],"factors,":[159],"weak":[162],"security":[163],"controls.":[164],"suggest":[166],"also":[168],"new":[171],"can":[174],"established,":[176],"e.g.":[177],"nonpunitive":[184],"supra-organizational":[185],"bodies":[186],"or":[187],"employee":[189],"reporting.":[190,215],"When":[191],"designing":[192],"cybersecurity,":[195],"case-based":[199],"learning,":[200],"voluntariness,":[201],"impunity,":[202],"independence,":[203],"feedback":[205],"taken":[208],"into":[209],"account":[210],"order":[212],"encourage":[214]},"counts_by_year":[{"year":2026,"cited_by_count":2},{"year":2025,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}