Home Digital Cultural Heritage, Cybersecurity, and the Human Factor
Article
Licensed
Unlicensed Requires Authentication

Digital Cultural Heritage, Cybersecurity, and the Human Factor

  • Marin Vuković and Tamara Štefanac ORCID logo EMAIL logo
Published/Copyright: December 22, 2023
Become an author with De Gruyter Brill
Submit Manuscript Author Information
Preservation, Digital Technology & Culture
From the journal Preservation, Digital Technology & Culture Volume 52 Issue 4

Abstract

Digital heritage, with its intellectual and cultural identity value, constitutes a significant asset. This also makes it an important asset in the cyber market. Cultural heritage institutions, recognising the vital role of digital assets, confront various information security risks and must adopt cyber threat related strategies to counter potential cyber-attacks. This paper first investigates the susceptibility of digital heritage objects to cyber threats by examining their distinctive characteristics. The study subsequently poses research enquiries concerning the cybersecurity proficiency and general awareness of cultural heritage professionals. A conducted survey in Croatia among these professionals analyses their information and computer practices related to the storage and preservation of digital cultural heritage. Findings reveal that while overall cybersecurity awareness is commendable, there exists a deficiency in cybersecurity and data protection training among cultural heritage professionals, even at the basic level. Additionally, the study highlights insufficient technical support and equipment for cybersecurity within cultural heritage institutions.

Keywords: digital cultural heritage; cybersecurity; digital preservation
Corresponding author: Tamara Štefanac, National and University Library in Zagreb, Hrvatske bratske zajednice 4, Zagreb, 10000, Croatia, E-mail:

Acknowledgements

We are thankful to our study participants for their time and effort.

Appendix: Questionnaire Used in the Survey[2]

  1. Please indicate the type of institution or organisation where you work:

    1. Archive

    2. Museum

    3. Library

    4. Gallery

    5. Institute

    6. Association

    7. Library/archive/museum included

    8. Other (free text input)

  2. Is there a department or person in charge of IT systems management in your institution?

    1. Yes

    2. No

  3. How long have you been working at your current workplace?

    1. Up to 5 years

    2. 6 to 10 years

    3. 10 to 15 years

    4. More than 15 years

  4. Have you passed the professional exam for a certain professional title so far?

    1. Yes

    2. No

If the answer to the previous question is “Yes”, please indicate which professional title you have obtained:

    1. Curator

    2. Senior curator

    3. Museum advisor

    4. Documentary artist

    5. Senior documentarian

    6. From the archive

    7. Senior archivist

    8. Archival consultant

    9. Librarian

    10. Graduated librarian

    11. Senior librarian

    12. Library advisor

    13. Professional associate

    14. Senior Associate

    15. Other (free text input)

  2. What types of materials do you come into contact with in your daily work (multiple answers possible):

    1. Original analogue materials (e.g. three-dimensional museum objects, book materials, archival materials on paper or parchment)

    2. Digitised materials and materials

    3. Digitised documentation material and documentary material

    4. Original digital documents and/or audio-visual material

  3. Are you in charge of describing materials in your daily work?

    1. Yes

    2. No

  4. Do you have the role of administrator of collections of digital and digitised materials?

    1. Yes

    2. No

  5. Do you come into contact with confidential and/or personal data in your daily work?

    1. Yes

    2. No

  6. Do you think that the security of digital and digitised materials is adequately and clearly regulated in existing professional guidelines and instructions?

    1. Yes

    2. No

    3. I do not know

    4. Other (free text input)

  7. How would you rate your general technical knowledge of computers and the Internet?

    1. Bad

    2. Good

    3. Excellent

  8. Have you participated in any kind of education related to the problems of security and privacy on the Internet?

    1. Yes

    2. No

  9. Are you familiar with the procedures for protecting digital documents and digital and digitised materials on your business computer?

    1. Yes

    2. No

    3. Partially

  10. Do you access business computer equipment from home (e.g. remote work)?

    1. Sometimes

    2. Often

    3. Never

    4. In my institution, there is no possibility of external access to business computer equipment

  11. The passwords for accessing your user account on a business computer are available:

    1. Only to you

    2. To you and your superior

    3. To you and the IT/administrator

    4. I’m not sure

  12. Assess the possibility of hacking your business computer?

    1. There is a small possibility

    2. There is a great possibility

    3. Hacking my business computer is unlikely

    4. There is no possibility of hacking

    5. I don’t know/I’m not sure

    6. Other (free text input)

  13. You have received an e-mail from your supervisor/IT specialist to urgently change your business password via the link in the message. What should you do?

    1. I will always trust an e-mail sent from a superior/IT specialist

    2. I will check what this is about before changing the password

    3. I will completely ignore the message

  14. Do you connect your private mobile phone to the network at work via Wi-Fi?

    1. Often

    2. Sometimes

    3. Never

    4. There is no business Wi-Fi network available in our institution

    5. Connecting private devices to any network is not allowed in our institution

  15. How often do you change your business password?

    1. In the institution, we have a defined policy of periodic password changes

    2. Sometimes, on my own initiative

    3. Never

References

Alcala, R. 2022. “Ukraine Symposium – The Ukraine Conflict and the Future of Digital Cultural Property.” Articles of War. https://lieber.westpoint.edu/ukraine-conflict-future-digital-cultural-property/ (accessed September 25, 2023).Search in Google Scholar

Bishara, H. 2020. “How Does the Vatican Protect its Digitized Collection from Hackers?” Hyperallergic. https://hyperallergic.com/600782/vatican-hires-cybersecurity-library/ (accessed September 25, 2023).Search in Google Scholar

Cascone, S. 2020. “Hackers Have Stolen Private Information from Donor Lists to 200 Institutions, Including the Smithsonian and the UK’s National Trust.” artnet®news. https://news.artnet.com/art-world/hackers-hit-smithsonian-parrish-corning-1905256 (accessed September 25, 2023).Search in Google Scholar

Donaldson, D. R., and L. Bell. 2018. “Security, Archivists, and Digital Collections.” Journal of Archival Organization 15 (1–2): 1–19. https://doi.org/10.1080/15332748.2019.1609311.Search in Google Scholar

Dulong de Rosnay, M., and F. Musiani. 2012. “The Preservation of Digital Heritage: Epistemological and Legal Reflections.” ESSACHESS. Journal for Communication Studies 5 (2): 81–94.Search in Google Scholar

Galba, T., K. Solic, and K. Nenadic. 2018. “Evidential Reasoning Approach to Behavioural Analysis of ICT Users’ Security Awareness.” Technical Gazette 25 (2): 309–15. https://doi.org/10.17559/TV-20150513123751.Search in Google Scholar

Gandhi, R., A. Sharma, W. Mahoney, W. Sousan, Z. Qiuming, and P. Laplante. 2011. “Dimension of Cyber Attacks: Social, Political, Economic and Cultural.” IEEE Technology and Society Magazine 30 (1): 28–38. https://doi.org/10.1109/MTS.2011.940293.Search in Google Scholar

Hui, Y. 2012. “What Is a Digital Object?” Metaphyilosophy 43 (4): 380–95. https://doi.org/10.1111/j.1467-9973.2012.01761.x.Search in Google Scholar

Information Security Act. 2007. Narodne novine (79). https://narodne-novine.nn.hr/eli/sluzbeni/2007/79/2484 (accessed November 22, 2023).Search in Google Scholar

International Centre for the Study of the Preservation and Restoration of Cultural Property. 2022. Sustaining Digital Heritage Initiative. https://www.iccrom.org/programmes/sustaining-digital-heritage (accessed November 22, 2023).Search in Google Scholar

Kirschenbaum, M. G., R. Ovenden, and G. Redwine. 2010. Digital Forensics and Born-Digital Content in Cultural Heritage Collections. Washington, D.C.: Council on Library and Information Resources. https://www.clir.org/wp-content/uploads/sites/6/pub149.pdf (accessed September 25, 2023).Search in Google Scholar

Law on Archives and Archival Material. 2018. Official Gazette (61). https://narodne-novine.nn.hr/clanci/sluzbeni/full/2018_07_61_1265.html (accessed November 22, 2023).Search in Google Scholar

Law on Libraries and Library Activities. 2019. Official Gazette (17, 19). https://narodne-novine.nn.hr/clanci/sluzbeni/2019_02_17_356.html; https://narodne-novine.nn.hr/clanci/sluzbeni/2019_10_98_1945.html (accessed November 22, 2023).Search in Google Scholar

Li, X. 2017. “A Review of Motivations of Illegal Cyber Activities.” Kriminologija & socijalna integracija 25 (1): 110–26. https://doi.org/10.31299/ksi.25.1.4.Search in Google Scholar

Owen, J. M. 2005. “Preserving the Digital Heritage: Roles and Responsibilities for Heritage Repositories.” In Selected Papers of the International Conference Organized by Netherlands National Commission for UNESCO Koninklijke Bibliotheek (National Library of the Netherlands), The Hague, November 4–5, 2005, edited by Yola de Lusen, and Vincent Wintermans, 45–9. https://www.ica.org/sites/default/files/WG_2007_PAAG-preserving-the-digital-heritage_EN.pdf (accessed September 25, 2023).Search in Google Scholar

Registry of Public and Private Museums in Croatia. 2019. Official Gazette (16). https://narodne-novine.nn.hr/eli/sluzbeni/2019/16/337 (accessed November 22, 2023).Search in Google Scholar

Regulation on Protective Measures for the Security of Information Systems. 2008. Official Gazette (46). https://narodne-novine.nn.hr/eli/sluzbeni/2008/46/1547 (accessed November 22, 2023).Search in Google Scholar

Rosén, F. 2022. NATO and Cultural Property: A Hybrid Threat Perspective. Copenhagen: Nordic Center for Cultural Heritage and Armed Conflict. https://www.heritageconflict.org/blog/2022/3/2/nato-and-cpp-a-hybrid-threat-perspective (accessed September 25, 2023).Search in Google Scholar

San Nicolas-Rocca, T., and R. J. Burkhard. 2019. “Information Security in Libraries: Examining the Effects of Knowledge Transfer.” Information Technology and Libraries 38 (2): 58–71. https://doi.org/10.6017/ital.v38i2.10973.Search in Google Scholar

Schmitt, M. N., ed. 2017. Tallinn Manual 2.0 on the International Law Applicable to Cyber Operations. 2nd ed. New York: Cambridge University Press.10.1017/9781316822524Search in Google Scholar

Soare, B. 2022. What Are the Main Attack Vectors in Cybersecurity? https://heimdalsecurity.com/blog/attack-vectors/ (accessed November 25, 2023).Search in Google Scholar

UNESCO. 1954. Convention for the Protection of Cultural Property in the Event of Armed Conflict with Regulations for the Execution of the Convention. http://portal.unesco.org/en/ev.php-URL_ID=13637&URL_DO=DO_TOPIC&URL_SECTION=201.html (accessed November 22, 2023).Search in Google Scholar

UNESCO. 2003. Charter on the Preservation of the Digital Heritage, Adopted at the 32nd Session of the General Conference of UNESCO. https://unesdoc.unesco.org/ark:/48223/pf0000179529.page=2 (accessed November 22, 2023).Search in Google Scholar

UNESCO. 2015. Recommendation Concerning the Preservation of, and Access to, Documentary Heritage, Including in Digital Form (38 C/24). UNESCO General Conference, 38th. https://unesdoc.unesco.org/ark:/48223/pf0000233916 (accessed November 22, 2023).Search in Google Scholar
Received: 2023-09-25
Accepted: 2023-11-20
Published Online: 2023-12-22
Published in Print: 2023-12-15

© 2023 Walter de Gruyter GmbH, Berlin/Boston

Articles in the same Issue

  1. Frontmatter
  2. Editorial
  3. From the Editor
  4. Articles
  5. Legislative Acts on Electronic Document Management in China
  6. Digital Cultural Heritage, Cybersecurity, and the Human Factor
  7. Smart Solutions for Heritage Sites: Florence and Yazd
  8. Strategies for Promoting Open Access Resources in Academic Institutions
  9. Book Review
  10. Raiford Guins: Replayed: Essential Writings on Software Preservation and Game Histories
https://doi.org/10.1515/pdtc-2023-0040
Keywords for this article
digital cultural heritage; cybersecurity; digital preservation

Articles in the same Issue

  1. Frontmatter
  2. Editorial
  3. From the Editor
  4. Articles
  5. Legislative Acts on Electronic Document Management in China
  6. Digital Cultural Heritage, Cybersecurity, and the Human Factor
  7. Smart Solutions for Heritage Sites: Florence and Yazd
  8. Strategies for Promoting Open Access Resources in Academic Institutions
  9. Book Review
  10. Raiford Guins: Replayed: Essential Writings on Software Preservation and Game Histories
Sign up now to receive a 20% welcome discount
Institutional Access
How does access work?
Have an idea on how to improve our website?
Please write us.
© 2025 De Gruyter Brill
Downloaded on 14.9.2025 from https://www.degruyterbrill.com/document/doi/10.1515/pdtc-2023-0040/html
Scroll to top button