Received: 2020-03-18  |  Accepted: 2020-07-10  |  Published: 2020-12-30

Title

Cyber security management of critical energy infrastructure in national cybersecurity strategies: cases of USA, UK, France, Estonia and Lithuania


Abstract

The progresses made in terms of cybersecurity in these past years have been huge, and the implementation of newer strategies has brought interesting results all over the globe. However, the full implementation of cybersecurity presents a challenge to a lot of countries, especially if considered the Critical Infrastructure Protection (CIP), which is still one of the areas with the most gaps in terms of cybersecurity. In this article, the first five countries by cybersecurity level according to the Global Cybersecurity Index (GCI) 2018, in order UK, USA, France, Estonia and Lithuania, will be evaluated for their solutions in terms of Critical Infrastructure Protection. The results will show the effective accuracy of the index and will shed light on the various approaches to Critical Infrastructure Protection.


Keywords

cybersecurity, critical infrastructure protection, management, energy security, cyber attack


JEL classifications

M15 , Q48


URI

http://jssidoi.org/ird/article/54


DOI


Pages

802-813


Funding

This research is/was funded by the European Social Fund under the No 09.3.3-LMT-K-712 “Development of Competences of Scientists, other Researchers and Students through Practical Research Activities” measure.

This is an open access issue and all published articles are licensed under a
Creative Commons Attribution 4.0 International License

Authors

Tvaronavičienė, Manuela
Vilnius Gediminas Technical University, Vilnius, Lithuania https://www.vgtu.lt
Daugavpils University, Daugavpils, Latvia https://du.lv
Articles by this author in: CrossRef |  Google Scholar

Plėta, Tomas
Vilnius Gediminas Technical University, Vilnius, Lithuania https://www.vgtu.lt
Articles by this author in: CrossRef |  Google Scholar

Casa, Silvia Della
NATO Energy Security Centre of Excellence, Vilnius, Lithuania https://enseccoe.org
Articles by this author in: CrossRef |  Google Scholar

Latvys, Juozas
NATO Energy Security Centre of Excellence, Vilnius, Lithuania https://enseccoe.org
Articles by this author in: CrossRef |  Google Scholar

Journal title

Insights into Regional Development

Volume

2


Number

4


Issue date

December 2020


Issue DOI


ISSN

ISSN 2345-0282 (online)


Publisher

VšĮ Entrepreneurship and Sustainability Center, Vilnius, Lithuania

Cited

Google Scholar

Article views & downloads

HTML views: 386  |  PDF downloads: 132

References


ANSSI. (2020). FAQ: The French CIIP Framework. Retrieved from ANSSI: https://www.ssi.gouv.fr/en/cybersecurity-in-france/ciip-in-france/faq/#2-3

Search via ReFindit


ANSSI. (2020). The French CIIP Framework. Retrieved from ANSSI: https://www.ssi.gouv.fr/en/cybersecurity-in-france/ciip-in-france/

Search via ReFindit


ANSSI. (2020). The French CIPP Framework. Retrieved from ANSSI: https://www.ssi.gouv.fr/en/cybersecurity-in-france/ciip-in-france/

Search via ReFindit


CCDCOE. (2020). About us. Retrieved from CCDCOE: https://ccdcoe.org/about-us/

Search via ReFindit


CESG. (2016). Common Cyber Attacks: Reducing The Impact. London: CESG. Retrieved from https://www.ncsc.gov.uk/static-assets/documents/common_cyber_attacks_ncsc.pdf

Search via ReFindit


Cichonski P., M. T. (2012). NIST Special Publication 800-61 Revision 2: Computer Security Incident Handling Guide. Washington: U.S. Department of Commerce. Tratto il giorno 2012 da https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

Search via ReFindit


CISA. (2018, November 21). National Infrastructure Protection. Tratto il giorno May 8, 2020 da https://www.cisa.gov/national-infrastructure-protection-plan

Search via ReFindit


Civil Contingencies Sectretariat. (2004). The Lead Government Department and its role – Guidance and Best Practice. London: Cabinet Office. Retrieved from https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/61355/lead-government-departments-role.pdf

Search via ReFindit


CPNI. (2020). About . Retrieved from Centre for the Protection of National Infrastructure: https://www.cpni.gov.uk/who-we-work

Search via ReFindit


Government of Estonia. (2009). Emergency Act. Tallinn: Government of Estonia. Retrieved from https://www.riigiteataja.ee/en/eli/525062014011/consolide

Search via ReFindit


Government of France. (2015). French National Digital Security Strategy. Paris: Government of France. Retrieved from https://www.enisa.europa.eu/topics/national-cyber-security-strategies/ncss-map/national-cyber-security-strategies-interactive-map/strategies/information-systems-defence-and-security-frances-strategy

Search via ReFindit


Government of the Republic of Lithuania. (2018). National Cyber Incident Management Plan. Vilnius: . https://www.ird.lt/media/force_download/?url=/uploads/structure/docs/42166_cf30b855d9ac94e388b0d52cbf96ae86.pdf

Search via ReFindit


Government of the Republic of Lithuania. (2018). Resolution on the approval of the National Cyber Security Strategy. Vilnius: Government of the Republic of Lithuania.

Search via ReFindit


HM Government. (2015). National Security Strategy and Strategic Defence and Security Review 2015. London: HM Government. Retrieved from https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/478933/52309_Cm_9161_NSS_SD_Review_web_only.pdf

Search via ReFindit


HM Government. (2016). National Cyber Security Strategy 2016-2021. London: HM Government. Retrieved from https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/567242/national_cyber_security_strategy_2016.pdf

Search via ReFindit


Homeland Security. (2013). NIPP 2013 Partnering for Critical Infrastructure Security and Resilience. Washington DC: Homeland Security. Retrieved from https://www.cisa.gov/publication/nipp-2013-partnering-critical-infrastructure-security-and-resilience

Search via ReFindit


Homeland Security. (2013). Supplemental Tool: Executing A Critical Infrastructure Risk Management Approach. Washington DC: Homeland Security. Retrieved from https://www.cisa.gov/publication/nipp-2013-ci-risk-management-approach

Search via ReFindit


Homeland Security. (2013). Supplemental Tool: Incorporating Resilience into Critical Infrastructure Projects. Washington DC: Homeland Security. Retrieved from https://www.cisa.gov/publication/nipp-2013-resilience-ci-projects

Search via ReFindit


Homeland Security. (2013). Supplemental Tool: NPPD Resources to Support Vulnerability Assessments. Washington DC: Homeland Security. Retrieved from https://www.cisa.gov/publication/nipp-2013-resilience-ci-projects

Search via ReFindit


Homeland Security. (2015). Energy Sector-Specific Plan. Washington DC: Homeland Security. Retrieved from https://www.cisa.gov/publication/nipp-ssp-energy-2015

Search via ReFindit


Homeland Security. (2016). Critical Infrastructure Threat Information Sharing Framework. Washington DC: Homeland Security. Retrieved from https://www.cisa.gov/publication/ci-threat-info-sharing-framework

Search via ReFindit


Information System Authority. (2020, January 24). CERT-EE. Retrieved from Information System Authority: https://ria.ee/en/cyber-security/cert-ee.html

Search via ReFindit


ITU. (2019). Global Cybersecurity Index (GCI) 2018. Geneva: ITU. Retrieved from https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2018-PDF-E.pdf

Search via ReFindit


Izycki E., C. R. (2019). Protection of critical infrastructure in national cyber security strategies. Coimbra: European Conference on Cyber Warfare and Security. Retrieved from https://www.researchgate.net/publication/335760609_Protection_of_critical_infrastructure_in_national_cyber_security_strategies

Search via ReFindit


Joint Committee on the National Security Strategy. (2018). Cyber Security of the UK’s Critical National Infrastructure: Third Report of Session 2017–19. London: House of Lords & House of Commons. Retrieved from https://publications.parliament.uk/pa/jt201719/jtselect/jtnatsec/1708/1708.pdf

Search via ReFindit


Joint Committee on the National Security Strategy. (2018). Cyber Security Skills and the UK’s Critical National Infrastructure: Second Report of Session 2017–19. London: House of Lords & House of Commons. Retrieved from https://publications.parliament.uk/pa/jt201719/jtselect/jtnatsec/706/706.pdf

Search via ReFindit


Limba, T., Plėta, T., Agafonov, K., & Damkus, M. (2017). Cyber security management model for critical infrastructure. Entrepreneurship and Sustainability Issues, 4(4), 559-573. https://doi.org/10.9770/jesi.2017.5.2(15)

Search via ReFindit


National Cyber Security Centre. (2020). National Cyber Security Centre. Retrieved from National Cyber Security Centre: https://www.nksc.lt/en/

Search via ReFindit


National Cyber Security Centre. (2020). What we do . Retrieved from National Cyber Security Centre: https://www.ncsc.gov.uk/section/about-ncsc/what-we-do

Search via ReFindit


NATO Energy Security Center of Excellence. (2020). About. Retrieved from NATO Energy Security Center of Excellence: https://enseccoe.org/en/about/6

Search via ReFindit


NIST. (2018). Framework for Improving Critical Infrastructure Cybersecurity. Washington: National Institute of Standards and Technology. doi: https://doi.org/10.6028/NIST.CSWP.04162018

Search via ReFindit


Republic of Estonia. (2018). Cybersecurity Act. Tallinn: Republic of Estonia. Retrieved from https://www.riigiteataja.ee/en/eli/523052018003/consolide

Search via ReFindit


Republic of Estonia. (2018). Cybersecurity Strategy 2019-2022. Tallinn: Republic of Estonia. Retrieved from https://www.mkm.ee/sites/default/files/kyberturvalisuse_strateegia_2022_eng.pdf

Search via ReFindit


Republic of Estonia. (2018). Requirements for risk analysis of network and information systems and description of security measures. Tallinn. Retrieved from https://www.ria.ee/en/cyber-security/critical-information-infrastructure-protection-ciip.html

Search via ReFindit


Secretariat-General for National Defence and Security. (2017). The Critical Infrastructure protection in France. Paris: Government of France. Retrieved from http://www.sgdsn.gouv.fr/uploads/2017/03/plaquette-saiv-anglais.pdf

Search via ReFindit


Technical Committee ISO/IEC JTC 1. (2013). Information technology - Security techniques - Code if practice for information security controls. Switzerland: ISO/IEC. Retrieved from https://www.iso.org/standard/62726.html

Search via ReFindit


US Department of Energy. (2015). Energy Sector Cybersecurity Framework Implementation Guidance. Washington DC: US Department of Energy. Retrieved from https://www.energy.gov/sites/prod/files/2015/01/f19/Energy%20Sector%20Cybersecurity%20Framework%20Implementation%20Guidance_FINAL_01-05-15.pdf

Search via ReFindit