Received: 2020-02-20  |  Accepted: 2020-05-10  |  Published: 2020-06-30


Cyber effect and security management aspects in critical energy infrastructures


The purpose of the paper is to compare various types of management models that regulate the response to cyber threats to Critical Infrastructures. The development of an effective management model that regulates the response to cyber-attack against Critical Infrastructure is an important issue in security management. Many frameworks attempt to regulate the response that has to be done to recover and eradicate possible threats, but still, there is not a universal appliable model for all Critical Infrastructures. The paper will offer a comparison of various frameworks in an attempt of evaluating the features that a hypothetical model for response to Cyber Incidents to Critical Infrastructures. The focus is on Critical Energy Infrastructure, as their damage directly means damage to other critical infrastructures, given their extreme interconnectivity. After the analysis of five frameworks of responses to Cyber Incidents, an evaluation will be provided, along with a recommendation.


critical infrastructure, management, cyber-attack, energy security, cybersecurity

JEL classifications

M15 , Q48







This research was partly supported by the project, which has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No 830892

This is an open access issue and all published articles are licensed under a
Creative Commons Attribution 4.0 International License


Plėta, Tomas
Vilnius Gediminas Technical University, Vilnius, Lithuania
Articles by this author in: CrossRef |  Google Scholar

Tvaronavičienė, Manuela
Vilnius Gediminas Technical University, Vilnius, Lithuania
General Jonas Žemaitis Military Academy of Lithuania, Vilnius, Lithuania
Articles by this author in: CrossRef |  Google Scholar

Casa, Silvia Della
NATO Energy Security Centre of Excellence, Vilnius, Lithuania
Articles by this author in: CrossRef |  Google Scholar

Journal title

Insights into Regional Development





Issue date

June 2020

Issue DOI


ISSN 2345-0282 (online)


VšĮ Entrepreneurship and Sustainability Center, Vilnius, Lithuania


Google Scholar

Article views & downloads

HTML views: 3599  |  PDF downloads: 1091


Beazner M., P. R. (2017). CSS Cyber Defence Hotspot Analysis: Stuxnet. Zurich: Center for Security Studies (CSS), ETH Zurich. Retrieved from

Search via ReFindit

Bhayani M., M. P. (2016). Internet of Things (IoT): In a Way of Smart World. In B. Y. Satapathy S., Proceedings of the International Congress on Information and Communication Technology. Advances in Intelligent Systems and Computing (Vol. 438). Singapore: Springer.

Search via ReFindit

Cichonski P., T. M. (2012). NIST Special Publication 800-61 Revision 2: Computer Security Incident Handling Guide. Washington: U.S. Department of Commerce. Retrieved 2012, from

Search via ReFindit

CISA. (2020, February ). CISA Cyber Incident Scoring System. Retrieved from Cybersecurity and Infrastructure Security Agency (CISA):

Search via ReFindit

CISA. (2020). Cyber Incident Severity Schema. USA: Cybersecurity and Infrastructure Security Agency (CISA). Retrieved from

Search via ReFindit

Darville C. M. D. (2015). Cyber Security Incident Management Guide. (C. f. Belgium, Ed.) Belgium: Cyber Security Coalition. Retrieved from

Search via ReFindit

Limba, T., Plėta, T., Agafonov, K., & Damkus, M. (2017). Cyber security management model for critical infrastructure. Entrepreneurship and Sustainability Issues, 4(4), 559-573.

Search via ReFindit

Marszal, J. M. (2019). Security PHA Review for Consequence-Based Cybersecurity. USA: International Society of Automation (ISA).

Search via ReFindit

NATO. (2020, March 17). Cyber Defence. Retrieved from NATO:

Search via ReFindit

NERC. (2019). Cyber Security – Incident Reporting and Response Planning: Implementation Guidance for CIP-008-6. North American Electric Reliability Corporation. Retrieved from Standard Audits Worksheets DL/RSAW CIP-008-5_2015_v1.docx

Search via ReFindit

NIST. (2018). Framework for Improving Critical Infrastructure Cybersecurity. Washington: National Institute of Standards and Technology. doi:

Search via ReFindit