Received: 2020-02-20  |  Accepted: 2020-05-10  |  Published: 2020-06-30

Title

Cyber effect and security management aspects in critical energy infrastructures


Abstract

The purpose of the paper is to compare various types of management models that regulate the response to cyber threats to Critical Infrastructures. The development of an effective management model that regulates the response to cyber-attack against Critical Infrastructure is an important issue in security management. Many frameworks attempt to regulate the response that has to be done to recover and eradicate possible threats, but still, there is not a universal appliable model for all Critical Infrastructures. The paper will offer a comparison of various frameworks in an attempt of evaluating the features that a hypothetical model for response to Cyber Incidents to Critical Infrastructures. The focus is on Critical Energy Infrastructure, as their damage directly means damage to other critical infrastructures, given their extreme interconnectivity. After the analysis of five frameworks of responses to Cyber Incidents, an evaluation will be provided, along with a recommendation.


Keywords

critical infrastructure, management, cyber-attack, energy security, cybersecurity


JEL classifications

M15 , Q48


URI

http://jssidoi.org/ird/article/36


DOI


HAL


Pages

538-548


Funding

This research was partly supported by the project, which has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No 830892

This is an open access issue and all published articles are licensed under a
Creative Commons Attribution 4.0 International License

Authors

Plėta, Tomas
Vilnius Gediminas Technical University, Vilnius, Lithuania https://vilniustech.lt
Articles by this author in: CrossRef |  Google Scholar

Tvaronavičienė, Manuela
Vilnius Gediminas Technical University, Vilnius, Lithuania https://vilniustech.lt
General Jonas Žemaitis Military Academy of Lithuania, Vilnius, Lithuania http://www.lka.lt
Articles by this author in: CrossRef |  Google Scholar

Casa, Silvia Della
NATO Energy Security Centre of Excellence, Vilnius, Lithuania https://enseccoe.org
Articles by this author in: CrossRef |  Google Scholar

Journal title

Insights into Regional Development

Volume

2


Number

2


Issue date

June 2020


Issue DOI


ISSN

ISSN 2345-0282 (online)


Publisher

VšĮ Entrepreneurship and Sustainability Center, Vilnius, Lithuania

Cited

Google Scholar

Article views & downloads

HTML views: 3404  |  PDF downloads: 1059

References


Beazner M., P. R. (2017). CSS Cyber Defence Hotspot Analysis: Stuxnet. Zurich: Center for Security Studies (CSS), ETH Zurich. Retrieved from https://css.ethz.ch/content/dam/ethz/special-interest/gess/cis/center-for-securities-studies/pdfs/Cyber-Reports-2017-04.pdf

Search via ReFindit


Bhayani M., M. P. (2016). Internet of Things (IoT): In a Way of Smart World. In B. Y. Satapathy S., Proceedings of the International Congress on Information and Communication Technology. Advances in Intelligent Systems and Computing (Vol. 438). Singapore: Springer.

Search via ReFindit


Cichonski P., T. M. (2012). NIST Special Publication 800-61 Revision 2: Computer Security Incident Handling Guide. Washington: U.S. Department of Commerce. Retrieved 2012, from https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-61r2.pdf

Search via ReFindit


CISA. (2020, February ). CISA Cyber Incident Scoring System. Retrieved from Cybersecurity and Infrastructure Security Agency (CISA): https://www.us-cert.gov/CISA-Cyber-Incident-Scoring-System

Search via ReFindit


CISA. (2020). Cyber Incident Severity Schema. USA: Cybersecurity and Infrastructure Security Agency (CISA). Retrieved from https://obamawhitehouse.archives.gov/sites/whitehouse.gov/files/documents/Cyber%2BIncident%2BSeverity%2BSchema.pdf

Search via ReFindit


Darville C. M. D. (2015). Cyber Security Incident Management Guide. (C. f. Belgium, Ed.) Belgium: Cyber Security Coalition. Retrieved from https://b-ok.cc/book/3704644/d3244d

Search via ReFindit


Limba, T., Plėta, T., Agafonov, K., & Damkus, M. (2017). Cyber security management model for critical infrastructure. Entrepreneurship and Sustainability Issues, 4(4), 559-573. http://dx.doi.org/10.9770/jesi.2017.4.4(12)

Search via ReFindit


Marszal, J. M. (2019). Security PHA Review for Consequence-Based Cybersecurity. USA: International Society of Automation (ISA). https://open.spotify.com/track/3MRWIuuhlyA4ClGIFWhP1m

Search via ReFindit


NATO. (2020, March 17). Cyber Defence. Retrieved from NATO: https://www.nato.int/cps/en/natohq/topics_78170.htm

Search via ReFindit


NERC. (2019). Cyber Security – Incident Reporting and Response Planning: Implementation Guidance for CIP-008-6. North American Electric Reliability Corporation. Retrieved from www.nerc.com/pa/comp/Reliability Standard Audits Worksheets DL/RSAW CIP-008-5_2015_v1.docx

Search via ReFindit


NIST. (2018). Framework for Improving Critical Infrastructure Cybersecurity. Washington: National Institute of Standards and Technology. doi: https://doi.org/10.6028/NIST.CSWP.04162018

Search via ReFindit