Visioning Activity

Sociotechnical Cybersecurity

SCSInformation and Communications Technology (ICT) has taken a central role in modern society. Unfortunately, malicious hackers and cybercrime have become a stubborn and expensive part of the ICT landscape. This has made providing cybersecurity a defining challenge for our era. Many strategic plans and National Academies of Sciences (NAS) studies have been written, and billions of dollars have been spent on the development and deployment of innovative cybersecurity solutions, but our network infrastructure, devices and organizations are increasingly insecure against threats.

Quite recently (in January 2016), the federal government released a new cybersecurity federal R&D strategic plan – this one mandated by Congress – that is novel in that it engages the socio-technical nature of the systems that we are securing. The plan also emphasizes the need for understanding the efficacy of different approaches, albeit empirically, economically, or mathematically. However, in order to make meaningful progress, using a socio-technical approach requires innovation driven by informational and experiential diversity.

A socio-technical approach to cybersecurity recognizes that the science and technology deployed to protect and defend our information and critical infrastructure must consider human, social, organizational, economic and technical factors, as well as the complex interaction among them, in the creation, maintenance, and operation of our systems and infrastructure.

The CCC will convene two workshops in order to advocate an evidence-based sociotechnical cybersecurity approach, integrating the best research evidence with diverse cybersecurity expertise and broadening the consideration of ICT user characteristics.

Goals of these two workshops include:

  • Using the grand challenges to promote effective and appropriate consideration of the socio-technical factors and sound and effective principles of cybersecurity assessment, evaluation, and intervention.
  • Identifying the human, social, organizational, economic and technical factors and techniques for understanding the interactions among them through a socio-technical approach.
  • Discovering positive steps that can be taken to better protect and defend our information and critical infrastructure.

Call for White Papers

As a part of this effort, the workshop organizing committee has released a call for white papers in order to both assist us in organizing the workshop and in selecting attendees. Authors of informative and well-crafted white papers may be invited to the Sociotechnical Cybersecurity workshop.

Read the full call for proposals here.


December 12-13, 2016 – Workshop 1
August 8-9, 2017 – Workshop 2

Members of the Organizing Committee