{"id":"https://openalex.org/W7164580805","doi":"https://doi.org/10.48550/arxiv.2606.13612","title":"Beyond the IT Checklist: Engineering a Reasonable Standard of Care for Cyber Safety","display_name":"Beyond the IT Checklist: Engineering a Reasonable Standard of Care for Cyber Safety","publication_year":2026,"publication_date":"2026-06-11","ids":{"openalex":"https://openalex.org/W7164580805","doi":"https://doi.org/10.48550/arxiv.2606.13612"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2606.13612","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2606.13612","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Preprint"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2606.13612","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5026827398","display_name":"Matthew E. Jablonski","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Jablonski, Matthew E.","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012908526","display_name":"Linton Wells","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Wells, Linton","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5138503994","display_name":"Kathryn B. Laskey","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Laskey, Kathryn B.","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5035098971","display_name":"F. Brett Berlin","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Berlin, F. Brett","raw_affiliation_strings":[],"raw_orcid":null,"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":0,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.3822000026702881,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.3822000026702881,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.2198999971151352,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11807","display_name":"Infrastructure Resilience and Vulnerability Analysis","score":0.10109999775886536,"subfield":{"id":"https://openalex.org/subfields/2205","display_name":"Civil and Structural Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/documentation","display_name":"Documentation","score":0.5616000294685364},{"id":"https://openalex.org/keywords/operationalization","display_name":"Operationalization","score":0.5575000047683716},{"id":"https://openalex.org/keywords/resilience","display_name":"Resilience (materials science)","score":0.47530001401901245},{"id":"https://openalex.org/keywords/business-continuity","display_name":"Business continuity","score":0.45980000495910645},{"id":"https://openalex.org/keywords/nist","display_name":"NIST","score":0.44449999928474426},{"id":"https://openalex.org/keywords/construct","display_name":"Construct (python library)","score":0.4422999918460846},{"id":"https://openalex.org/keywords/incentive","display_name":"Incentive","score":0.4259999990463257},{"id":"https://openalex.org/keywords/critical-infrastructure","display_name":"Critical infrastructure","score":0.4169999957084656},{"id":"https://openalex.org/keywords/sociotechnical-system","display_name":"Sociotechnical system","score":0.4156999886035919}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6129000186920166},{"id":"https://openalex.org/C56666940","wikidata":"https://www.wikidata.org/wiki/Q788790","display_name":"Documentation","level":2,"score":0.5616000294685364},{"id":"https://openalex.org/C9354725","wikidata":"https://www.wikidata.org/wiki/Q286017","display_name":"Operationalization","level":2,"score":0.5575000047683716},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.4970000088214874},{"id":"https://openalex.org/C2779585090","wikidata":"https://www.wikidata.org/wiki/Q3457762","display_name":"Resilience (materials science)","level":2,"score":0.47530001401901245},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.46549999713897705},{"id":"https://openalex.org/C2778143579","wikidata":"https://www.wikidata.org/wiki/Q831801","display_name":"Business continuity","level":2,"score":0.45980000495910645},{"id":"https://openalex.org/C111219384","wikidata":"https://www.wikidata.org/wiki/Q6954384","display_name":"NIST","level":2,"score":0.44449999928474426},{"id":"https://openalex.org/C2780801425","wikidata":"https://www.wikidata.org/wiki/Q5164392","display_name":"Construct (python library)","level":2,"score":0.4422999918460846},{"id":"https://openalex.org/C29122968","wikidata":"https://www.wikidata.org/wiki/Q1414816","display_name":"Incentive","level":2,"score":0.4259999990463257},{"id":"https://openalex.org/C29852176","wikidata":"https://www.wikidata.org/wiki/Q373338","display_name":"Critical infrastructure","level":2,"score":0.4169999957084656},{"id":"https://openalex.org/C127627568","wikidata":"https://www.wikidata.org/wiki/Q1639361","display_name":"Sociotechnical system","level":2,"score":0.4156999886035919},{"id":"https://openalex.org/C165609540","wikidata":"https://www.wikidata.org/wiki/Q1172486","display_name":"Data breach","level":2,"score":0.40070000290870667},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.3443000018596649},{"id":"https://openalex.org/C139807058","wikidata":"https://www.wikidata.org/wiki/Q352374","display_name":"Adaptation (eye)","level":2,"score":0.34279999136924744},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.34279999136924744},{"id":"https://openalex.org/C2780264999","wikidata":"https://www.wikidata.org/wiki/Q7445032","display_name":"Security domain","level":2,"score":0.31119999289512634},{"id":"https://openalex.org/C124184767","wikidata":"https://www.wikidata.org/wiki/Q1591311","display_name":"Scram","level":2,"score":0.3109999895095825},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.31060001254081726},{"id":"https://openalex.org/C121017731","wikidata":"https://www.wikidata.org/wiki/Q11661","display_name":"Information technology","level":2,"score":0.3043000102043152},{"id":"https://openalex.org/C195094911","wikidata":"https://www.wikidata.org/wiki/Q14167904","display_name":"Process management","level":1,"score":0.2946000099182129},{"id":"https://openalex.org/C106436119","wikidata":"https://www.wikidata.org/wiki/Q836575","display_name":"Quality assurance","level":3,"score":0.29319998621940613},{"id":"https://openalex.org/C40071531","wikidata":"https://www.wikidata.org/wiki/Q2513962","display_name":"Industrial control system","level":3,"score":0.2921999990940094},{"id":"https://openalex.org/C2778282719","wikidata":"https://www.wikidata.org/wiki/Q917419","display_name":"Bring your own device","level":3,"score":0.2879999876022339},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.2694000005722046},{"id":"https://openalex.org/C110354214","wikidata":"https://www.wikidata.org/wiki/Q6314146","display_name":"Engineering management","level":1,"score":0.2669999897480011},{"id":"https://openalex.org/C127413603","wikidata":"https://www.wikidata.org/wiki/Q11023","display_name":"Engineering","level":0,"score":0.26409998536109924},{"id":"https://openalex.org/C2776889888","wikidata":"https://www.wikidata.org/wiki/Q1135789","display_name":"Unintended consequences","level":2,"score":0.2506999969482422}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2606.13612","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2606.13612","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"Preprint"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2606.13612","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2606.13612","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"Preprint"},"sustainable_development_goals":[{"display_name":"Industry, innovation and infrastructure","id":"https://metadata.un.org/sdg/9","score":0.62445467710495}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Current":[0],"U.S.":[1],"cyber":[2,146],"policy,":[3],"centered":[4],"on":[5,94],"security,":[6],"often":[7],"treats":[8],"documentation":[9],"of":[10,49,136],"controls":[11],"and":[12,45,83,89,124,145],"incident":[13],"reports":[14],"as":[15,118],"a":[16,47,133,170],"proxy":[17],"for":[18,33,166],"safety":[19],"in":[20,79,139],"the":[21,64,80],"built":[22],"environment.":[23],"This":[24],"paper":[25],"argues":[26],"that":[27,75,101,152,163],"such":[28],"an":[29,176],"approach":[30],"is":[31,61],"inadequate":[32],"cyber-physical":[34],"systems,":[35],"where":[36],"digital":[37],"failures":[38],"can":[39],"produce":[40],"kinetic":[41],"harm.":[42],"We":[43,108,130],"construct":[44],"code":[46],"corpus":[48],"critical":[50,167],"infrastructure":[51,168],"policy":[52,154],"documents":[53],"(N=292,":[54],"2000-2025)":[55],"to":[56,97],"examine":[57],"how":[58],"\"reasonable":[59],"care\"":[60],"operationalized":[62],"across":[63,128],"NIST":[65],"SP":[66],"800-160":[67],"Vol.~2":[68],"resilience":[69],"lifecycle.":[70],"The":[71],"resulting":[72],"maps":[73],"show":[74],"obligations":[76,158],"are":[77,102],"concentrated":[78],"Anticipate":[81],"phase":[82],"emphasize":[84],"administrative":[85],"compliance,":[86],"while":[87],"Withstand":[88],"Recover":[90],"phases":[91],"rely":[92],"heavily":[93],"delegated":[95,114],"references":[96],"IT-focused":[98],"control":[99],"catalogs":[100],"poorly":[103],"aligned":[104],"with":[105,159],"physics-based":[106],"hazards.":[107],"identify":[109],"three":[110],"major":[111],"disconnects:":[112],"miscalibrated":[113],"standards,":[115],"recovery":[116],"defined":[117],"notification":[119],"rather":[120,174],"than":[121,175],"engineered":[122],"navigation,":[123],"uneven":[125],"adaptation":[126],"requirements":[127],"sectors.":[129],"then":[131],"propose":[132],"modernized":[134],"standard":[135],"care":[137],"anchored":[138],"hazard-specific":[140],"traceability,":[141],"structured":[142],"assurance":[143],"cases,":[144],"resiliency":[147],"engineering.":[148],"Finally,":[149],"we":[150],"recommend":[151],"federal":[153],"pair":[155],"these":[156],"engineering":[157],"targeted":[160],"incentives":[161],"so":[162],"resilient":[164],"architectures":[165],"become":[169],"viable":[171],"business":[172],"decision":[173],"unfunded":[177],"expectation.":[178]},"counts_by_year":[],"updated_date":"2026-07-01T06:00:48.157686","created_date":"2026-06-13T00:00:00"}
