Cyber security management model for critical infrastructure

Limba, Tadas; Plėta, Tomas; Agafonov, Konstantin; Damkus, Martynas

doi:10.9770/jesi.2017.4.4(12)

Cited by 44 publications

(70 citation statements)

References 11 publications

(14 reference statements)

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…While not being able to develop a precise degree of accuracy or to classify the framework for "best application", it is, however, possible to highlight the best solutions to the issues in CEI. To develop an effective cybersecurity model, the structure that will be taken into consideration will be the one described by Limba & Pleta (Limba et al 2017 IRD.2020.2.2(3) legal regulation, meaning that there are legal proceedings and requirements about cybersecurity, good governance, which means that the main aims of cybersecurity need to be understood (including the fact that some risks could never be excluded) (Limba et al 2017). However, the most important dimensions taken into the analysis will be risk management, security culture, as the organization is "as vulnerable as the people working there", technology management and incident management (Limba et al 2017).…”

Section: Recommendations For a Possible Framework And Conclusionmentioning

confidence: 99%

“…For what concerns the risk management, it is described as the ability to properly identify risks ad ensuring that they are being taken care of by specialists (Limba et al 2017). The document that provided the most adequate guidelines for a hypothetical CEI framework is the NERC Implementation Guidance for CIP-008-6.…”

Section: Recommendations For a Possible Framework And Conclusionmentioning

confidence: 99%

“…Lastly, for technology management, the most interesting approach was offered by the Security PHA Review for Consequence-Based Cybersecurity, as it offered the knowledge about each component that is controlled by IT can be vulnerable (Limba et al 2017). As mentioned in the previous analysis, the scenario-based approach is the best one that can thoroughly analyze every single component of an ICS system.…”

Section: Recommendations For a Possible Framework And Conclusionmentioning

confidence: 99%

See 2 more Smart Citations

Cyber effect and security management aspects in critical energy infrastructures

Plėta¹,

Tvaronavičienė²,

Casa³

2020

IRD

Self Cite

View full text Add to dashboard Cite

The purpose of the paper is to compare various types of management models that regulate the response to cyber threats to Critical Infrastructures. The development of an effective management model that regulates the response to cyber-attack against Critical Infrastructure is an important issue in security management. Many frameworks attempt to regulate the response that has to be done to recover and eradicate possible threats, but still, there is not a universal appliable model for all Critical Infrastructures. The paper will offer a comparison of various frameworks in an attempt of evaluating the features that a hypothetical model for response to Cyber Incidents to Critical Infrastructures. The focus is on Critical Energy Infrastructure, as their damage directly means damage to other critical infrastructures, given their extreme interconnectivity. After the analysis of five frameworks of responses to Cyber Incidents, an evaluation will be provided, along with a recommendation.

show abstract

Section: Recommendations For a Possible Framework And Conclusionmentioning

confidence: 99%

Section: Recommendations For a Possible Framework And Conclusionmentioning

confidence: 99%

Section: Recommendations For a Possible Framework And Conclusionmentioning

confidence: 99%

See 1 more Smart Citation

Cyber effect and security management aspects in critical energy infrastructures

Plėta¹,

Tvaronavičienė²,

Casa³

2020

IRD

Self Cite

View full text Add to dashboard Cite

show abstract

“…By making your team aware of their responsibilities and the consequences of mistakes and negative behavior you can create a culture of accountability. This also has the more positive effect of highlighting any issues that exist before they develop into full problems which can then be dealt with training or increased monitoring [11].…”

Section: Create a Data Protection Policymentioning

confidence: 99%

Emerging Cyber Security Threats in Organization

Woldemichael¹

2020

IJICS

View full text Add to dashboard Cite

Background Cyber-security is a preventive preparation of protecting sensitive information, information systems, computers, servers, critical infrastructure, mobile devices, and computer networks from unauthorized access or hackers. Now a day digital technology takes the most significant role in growth effectiveness and efficiency in the organization. However, new technologies like mobile technologies (5G), IoT and cloud computing are Coming with new information security threats. Study design qualitative, survey, case study and an in-depth literature review were conducted. Employees still using the old software, they didn't update the software (operating system), they use a permanent password, they are still using weak and default password (Wife name or her phone number) information security literacy and behavior end users or IT staff. They don't have awareness about proactive cyber-attacks prevention policies and procedures. Because they have not took short and long term training on most serious cyber-attacks like ransom ware, social engineering, malware, DDoS, and phishing. This study aims to assess the most common and emerging cyber security threats. That the organizations are facing. The main objective of these investigations is to create awareness about the emerging and the most serious cyber-attacks occurring in the organization. The findings/results demonstrate that cyber security preparations and trained employees are very low; hackers becoming more sophisticated. Conclusion based the findings we conclude that cyber security protection using current method is not sufficient; employees have no idea about security threats due to lack of awareness and training.

show abstract

“…Cybersecurity is a very important aspect of the digital development that every country around the globe aims to achieve [1]. In order to offer new online applications and remote services to citizens, these must be secured and robust to several attacks.…”

Section: Introductionmentioning

confidence: 99%

Cybersecurity in the Era of Digital Transformation: The case of Greece

Μαγλαράς

Drivas

Chouliaras

et al. 2020

2020 International Conference on Internet of Things and Intelligent Applications (ITIA)

View full text Add to dashboard Cite

This article presents the cyber security progress in Greece since the creation of the Greek National Cyber Security Authority as a nation-wide cybersecurity coordination and policy making unit. During this period, Greece issued a Ministerial Decree that established the National Cyber Security Authority, issued the National Cybersecurity strategy, transposed the NIS Directive to National Law and issued a Ministerial Decree that helped establish a cybersecurity framework for the public sector and the critical infrastructures that reside in Greece. This structured effort led to the achievement of gaining the 1 st position in the prestigious NCSI index for Greece, amongst 160 countries.

show abstract

Cyber security management model for critical infrastructure

Cited by 44 publications

References 11 publications

Cyber effect and security management aspects in critical energy infrastructures

Cyber effect and security management aspects in critical energy infrastructures

Emerging Cyber Security Threats in Organization

Cybersecurity in the Era of Digital Transformation: The case of Greece

Contact Info

Product

Resources

About