Human-centred cybersecurity for critical infrastructure

Abstract

Purpose – Cyberattacks on critical infrastructure (CI) pose serious risks to societal resilience, requiring a human-centred approach to crisis management. This study examines public responses to the Florida water plant hack by analysing social media discourse and its role in shaping cybersecurity strategies. Design/methodology/approach – A qualitative case study approach applies the Kübler-Ross five stages of grief model to analyse Twitter posts from the first week following the attack. Abductive thematic analysis identifies patterns in public sentiment, emphasizing the role of social media as a real-time feedback mechanism. Lean principles are integrated to highlight stakeholder-driven cybersecurity improvements. Findings – Public responses followed a structured emotional progression, from denial and humour to anger, bargaining, depression and acceptance. Social media discourse revealed concerns over systemic vulnerabilities, accountability demands and calls for cybersecurity reform. These insights emphasize the importance of transparent crisis communication, proactive risk management and public engagement in strengthening cybersecurity resilience. Practical implications – Findings offer actionable insights for the public, media, private sector and government agencies into crisis response planning, fostering trust and resilience in digital infrastructure security by integrating public feedback into cybersecurity planning through structured social media analysis and iterative learning practices. Originality/value – This study uniquely applies the Kübler-Ross model to cybersecurity crises, offering a novel framework for understanding public reactions. It highlights the role of social media in bridging communication between policymakers and end users and demonstrates how lean thinking can enhance adaptive cybersecurity strategies in CI management.