| Graduate student: | 林文棟 Lin, Wen-Tung |
|---|---|
| Thesis title: | 評估資訊安全韌性:政策導向之價值 Evaluating the Cybersecurity Resilience: Guiding Values for Policy |
| Advisor: | 蔣麗君 Chiang, Li-Chun |
| Degree: | Doctor (PhD) |
| Department: | 社會科學院 - 政治學系 College of Social Sciences, Department of Political Science |
| Year of publication: | 2025 |
| Academic year of graduation: | 113 |
| Language: | English |
| Pages: | 194 |
| Keywords (Chinese): | 資訊安全、資訊安全韌性、資訊安全政策、政策分析、方案評估、政府機關績效衡量 |
| Keywords (English): | Cybersecurity, Cybersecurity Resilience, Cybersecurity Policy, Policy Analysis, Program Evaluation, Performance Measurement of Governmental Organizations |
Abstract (translated from the Chinese):
In 2016, President Tsai Ing-wen of Taiwan declared that "cybersecurity is national security". Facing increasingly severe cyberattacks, and in particular ever more frequent attacks on government agencies, understanding how the Taiwanese government safeguards information and communication security through cybersecurity policy has become a pressing task. In this digitalized and highly interconnected era, cyberattacks are unavoidable. In 2024, the government agency cybersecurity threat detection and management mechanism detected roughly 866,000 attacks against government organizations, and since 2022 government agencies and the specific non-government organizations responsible for critical infrastructure have reported more than 1,000 cybersecurity incidents each year. To counter cyber threats, Taiwan has successively promoted cybersecurity policies and national cybersecurity programs since 2001. The latest, the sixth National Cyber Security Program, aims to build an active-defense cyber system and create a resilient, secure and smart nation capable of withstanding and handling cyber threats of every kind.
This study aims to evaluate the current state of implementation of cybersecurity resilience measures in Taiwanese government agencies. Drawing on the theoretical framework of cyber resilience and the context of Taiwan's current cybersecurity policies, laws, regulations and development programs, it constructs a cybersecurity resilience evaluation framework. The framework is used to assess how effectively local government agencies implement cybersecurity resilience measures, thereby providing empirical evidence on the effectiveness of the sixth cybersecurity program. The study focuses on two main research questions. The first asks: what is the current state of implementation of cybersecurity resilience measures in Taiwan's local government agencies? It is explored through four sub-questions: how do local government agencies prepare for cyberattacks? How do they respond when a cyberattack incident occurs? How do they restore operations after an incident? And how do they adapt and learn once an incident has ended? The second main research question examines which factors are associated with the building and implementation of cybersecurity resilience.
The study adopts a qualitative research method, collecting data from local governments through a semi-structured (semi-open) questionnaire and scoring the governments' descriptions of the cybersecurity resilience measures they have implemented against a three-level rating standard, using the evaluation framework constructed in this study. The results show that Taiwan's local government agencies already possess a certain degree of cybersecurity resilience capacity, and that the sixth National Cyber Security Program has preliminarily achieved its policy goal of promoting cybersecurity and resilience: building a secure and resilient nation.
Abstract (English):
In 2016, Taiwanese President Tsai Ing-wen stated that "cybersecurity is national security". As Taiwan has encountered severe cyberattacks, especially in the governmental sector, it is necessary to understand how the Taiwanese government implements cybersecurity policy to ensure security in this digitalized and highly interconnected era. Around 866 thousand cyberattacks targeting governmental organizations were detected in 2024. Since 2022, governmental organizations and the specific non-government agencies responsible for critical infrastructure have reported more than 1,000 cybersecurity incidents per year. To counter these threats and ensure cybersecurity, the government has implemented cybersecurity policies and a succession of national programs since 2001. The latest, the sixth National Cyber Security Program, aims to build an active-defense network and create a resilient, secure, and smart country able to withstand and handle cyberattacks. This study conducts a compliance evaluation of the implementation of cybersecurity resilience measures in local governmental organizations and analyzes and evaluates the cybersecurity program and policy.
This research develops a cybersecurity resilience evaluation framework grounded in the context of Taiwanese cybersecurity policy, programs, law, and regulations. The framework is designed to measure the performance of governmental organizations in implementing cybersecurity resilience measures, and the results of that performance measurement provide evidence for judging whether the sixth cybersecurity program has achieved its objectives. The research addresses two main research questions; the first is broken down into four sub-questions. The first main research question investigates the implementation of cybersecurity resilience measures in Taiwanese local governmental organizations. Its sub-questions examine how local governmental organizations implement measures to prepare for cyberattack incidents, respond to them, recover from them, and adapt and learn after an incident has ended. The second main research question analyzes the factors related to cybersecurity resilience, asking which factors strengthen or weaken the cybersecurity resilience measures implemented in local governmental organizations.
This qualitative study uses a semi-structured questionnaire to collect governmental data. The collected survey data are evaluated and rated from level 1 to level 3 according to the cybersecurity resilience evaluation framework developed in this study. The results of the performance measurement show that Taiwanese local governmental organizations have developed a degree of cybersecurity resilience capacity to address cyberattacks, and that the cybersecurity program has, to that extent, achieved its objective of creating a secure and resilient country. Policy implications, recommendations, and political economy implications are set out in the discussion section.
On-campus access: open from 2030-07-28