Engineering and Technology | Open Access

Convergence of Industrial Risk Prevention and Cybersecurity Governance: A Multi-Dimensional Policy Framework for Systemic Resilience and Compliance

Dr. Julian Thorne, Department of Systems Engineering and Public Policy, University of Melbourne, Australia

Abstract

This research article explores the critical intersections between industrial risk prevention and modern cybersecurity governance, arguing that the silos separating physical safety from digital security are increasingly obsolete in the face of systemic global threats. By examining the regulatory evolution following catastrophic industrial events, specifically the Lubrizol factory fire in France, and the surge in complex cybercrimes such as the Salt Typhoon and Medibank hacks, the study identifies a pervasive gap in integrated risk frameworks. The research synthesizes the French "major risk prevention" approach with international IT audit frameworks (ITAF) and strategic cybersecurity compliance models. It uses a comparative analysis of risk policy tools in Normandy, Piedmont, and Victoria to demonstrate that current methodologies remain overly hazards-focused rather than vulnerabilities-focused. Furthermore, the study investigates the role of third-party vendor risks and the necessity of multi-factor authentication (MFA) as fundamental pillars of organizational resilience. By proposing a "Strategic Cybersecurity Governance" model, this article provides a roadmap for aligning technological protection with legal compliance. The findings suggest that systemic resilience requires a shift from reactive post-accident regulation toward proactive, blockchain-enhanced financial privacy and comprehensive auditing strategies. This article contributes a deep theoretical elaboration on the "chronic crisis" of industrial safety and the emerging challenges of cyber-physical integration, providing a publication-ready synthesis for researchers and policymakers.

Keywords

Cybersecurity Governance, Industrial Risk Prevention, Regulatory Compliance, Systemic Resilience

How to Cite

Dr. Julian Thorne. (2025). Convergence of Industrial Risk Prevention and Cybersecurity Governance: A Multi-Dimensional Policy Framework for Systemic Resilience and Compliance. The American Journal of Engineering and Technology, 7(12), 180–186. Retrieved from https://www.theamericanjournals.com/index.php/tajet/article/view/7514