A national coastal erosion risk assessment for Scotland

The geography of Scotland, with a highly undulating hinterland, long and indented coastline, together with a large number of islands, means that much social and economic activity is largely located at the coast. The importance of the coast is further highlighted by the large number of ecosystem services derived from the coast. The threat posed by climate change, particularly current and future sea level rise, is of considerable concern and the associated coastal erosion and coastal flooding has the potential to have a substantial effect on the socioeconomic activity of the whole country. Currently, the knowledge base of coastal erosion is poor, which serves to hinder the current and future management of the coast. This research reported here aimed to establish four key aspects of coastal erosion within Scotland: the physical susceptibility of the coast to erosion; the assets exposed to coastal erosion; the vulnerability of communities to coastal erosion; and the coastal erosion risk to those communities. Coastal erosion susceptibility was modelled here within a GIS, using data for ground elevation, rockhead elevation, wave exposure and proximity to the open coast. Combining these data produced the Underlying Physical Susceptibility Model (UPSM), in the form of a 50 m2 raster of national coverage. The Coastal Erosion Susceptibility Model (CESM) was produced with the addition of sediment supply and coastal defence data, which then moderates the outputs of the UPSM. Asset data for dwellings, key assets, transport infrastructure, historic assets, and natural assets were used along with the UPSM and CESM to assess their degree of exposure to coastal erosion. A Coastal Erosion Vulnerability Model (CEVM) was produced using Experian Mosaic Scotland (a geodemographic classification which identifies 44 different social groups within Scotland) to classify populations based upon 11 vulnerability variables. Dwellings were assigned a CESM and CEVM score in order to establish their coastal erosion risk. This research demonstrated that the issue of coastal erosion will impact on a relatively low number of properties compared to those impacted by flooding (both coastal and fluvial) as many dwellings are already protected by coastal defences. There is therefore, a considerable future liability, and great pressure for coastal defences to be maintained and upgraded in their current form. The use of the CEVM is a novel inclusion within a coastal erosion assessment for Scotland. Use of the CEVM established that coastal erosion risk is not distributed equally amongst the Scottish coastal population and highlighted that risk can be reduced by either reducing exposure or reducing vulnerability. Thus far in Scotland, reducing exposure has been the primary management approach, which has a number of implications with regards social justice. This research identified the existing data gaps that should be addressed by future research in order to further improve coastal management in Scotland. Future research should focus on assessing historical coastal change rates on a national scale, improve modelling of national scale wave exposure, enhance the information held about current coastal defences and, determine the direct and indirect economic cost associated with the loss of different asset types. It is also necessary to clarify the social justice implications of using adaptation approaches to manage coastal erosion as well as establishing a method to communicate the susceptibility, exposure, vulnerability and risk aspects whilst minimising the potential negative impacts (e.g. property blight) of releasing such information.

A cyber exercise post assessment framework: In Malaysia perspectives

Critical infrastructures are based on complex systems that provide vital services to the nation. The complexities of the interconnected networks, each managed by individual organisations, if not properly secured, could offer vulnerabilities that threaten other organisations’ systems that depend on their services. This thesis argues that the awareness of interdependencies among critical sectors needs to be increased. Managing and securing critical infrastructure is not isolated responsibility of a government or an individual organisation. There is a need for a strong collaboration among critical service providers of public and private organisations in protecting critical information infrastructure. Cyber exercises have been incorporated in national cyber security strategies as part of critical information infrastructure protection. However, organising a cyber exercise involved multi sectors is challenging due to the diversity of participants’ background, working environments and incidents response policies. How well the lessons learned from the cyber exercise and how it can be transferred to the participating organisations is still a looming question. In order to understand the implications of cyber exercises on what participants have learnt and how it benefits participants’ organisation, a Cyber Exercise Post Assessment (CEPA) framework was proposed in this research. The CEPA framework consists of two parts. The first part aims to investigate the lessons learnt by participants from a cyber exercise using the four levels of the Kirkpatrick Training Model to identify their perceptions on reaction, learning, behaviour and results of the exercise. The second part investigates the Organisation Cyber Resilience (OCR) of participating sectors. The framework was used to study the impact of the cyber exercise called X Maya in Malaysia. Data collected through interviews with X Maya 5 participants were coded and categorised based on four levels according to the Kirkpatrick Training Model, while online surveys distributed to ten Critical National Information Infrastructure (CNII) sectors participated in the exercise. The survey used the C-Suite Executive Checklist developed by World Economic Forum in 2012. To ensure the suitability of the tool used to investigate the OCR, a reliability test conducted on the survey items showed high internal consistency results. Finally, individual OCR scores were used to develop the OCR Maturity Model to provide the organisation cyber resilience perspectives of the ten CNII sectors.