979-13-991104-4-9
This document analyzes the DR² Model from the Center for Industrial Cybersecurity, a framework designed to govern critical decision-making under uncertainty in IT/OT environments. Unlike classic models, this approach separates technical capability from the legitimacy to decide, directly linking authority to actual impact and the “pain” assumed. Through four fundamental states (M-I-D-E) and ten essential rules, the model avoids blind automation and decision-making black boxes, guaranteeing human sovereignty, organizational traceability, and operational compliance with current regulations such as the AI Act.
Are you not a member of the Industrial Cybersecurity Center yet?
Register here