Received: 2022-01-15  |  Accepted: 2022-03-10  |  Published: 2022-03-30

Title

Analysis of the critical infrastructure cyber security policy


Abstract

Critical infrastructures are complex operating environments that often require special protection and security. A successful security strategy design should adhere to the principles of durability, integrity, and regularity. In the European Union, there is a strong interest in the security of critical infrastructures, especially those with interdependence. Given the fact that critical infrastructures play an essential role in a country's economy, it makes them even more vulnerable. The main aim of this article is to analyze the critical infrastructures' cyber security policy. The creation of a security strategy requires identification of the needs for equipment, mode of operation, and required security level. It has to establish rules for precise operation and handling of situations. The article tackles the issues of security strategy for critical infrastructures to protect sensitive areas and sectors. In addition, a cybersecurity policy as a countermeasure is discussed.


Keywords

industry, control systems, security, privacy, attack, management, energy


JEL classifications

O38


URI

http://jssidoi.org/ird/article/89


DOI


HAL


Pages

26-39


Funding


This is an open access issue and all published articles are licensed under a
Creative Commons Attribution 4.0 International License

Authors

Tvaronavičienė, Manuela
Vilnius Gediminas Technical University, Vilnius, Lithuania https://vilniustech.lt
Articles by this author in: CrossRef |  Google Scholar

Plėta, Tomas
Vilnius Gediminas Technical University, Vilnius, Lithuania https://vilniustech.lt
Articles by this author in: CrossRef |  Google Scholar

Beretas, Christos P.
Innovative Knowledge Institute Paris Graduate School, Paris, France https://parisgraduateschool.org
Articles by this author in: CrossRef |  Google Scholar

Lelešienė, Lina
Mykolas Romeris University, Vilnius, Lithuania https://www.mruni.eu
Articles by this author in: CrossRef |  Google Scholar

Journal title

Insights into Regional Development

Volume

4


Number

1


Issue date

March 2022


Issue DOI


ISSN

ISSN 2345-0282 (online)


Publisher

VšĮ Entrepreneurship and Sustainability Center, Vilnius, Lithuania

Cited

Google Scholar

Article views & downloads

HTML views: 1453  |  PDF downloads: 603

References


Abdulrahaman, O. O., Mohd, W. M., Raja, M. L. 2018. Smart grids security challenges: Classification by sources of threats. Journal of Electrical Systems and Information Technology, 5(3), 468-483. https://doi.org/10.1016/j.jesit.2018.01.001

Search via ReFindit


Atkins, S., Lawson, Ch, 2020. An Improvised Patchwork: Success and Failure in Cybersecurity Policy for Critical Infrastructure, PAR, https://doi.org/10.1111/puar.13322

Search via ReFindit


Baig, Z., Zeadally, S. 2019. Cyber-Security Risk Assessment Framework for Critical Infrastructures. Intelligent Automation and Soft Computing, 25(1), 121-129.

Search via ReFindit


Bennett, B. T. 2018. Understanding, Assessing, and Responding to Terrorism: Protecting Critical Infrastructure and Personnel, the 2nd Edition. Wiley.

Search via ReFindit


Blokus, A., Dziula, P. 2019. Safety Analysis of Interdependent Critical Infrastructure Networks. Transnav-International Journal on Marine Navigation and Safety of Sea Transportation, 13(4), 781-787. http://doi.org/10.12716/1001.13.04.10

Search via ReFindit


Brucherseifer, E., Winter, H., Mentges, A., Muhlhauser, M., Hellmann, M. 2021. Digital Twin conceptual framework for improving critical infrastructure resilience. at-Automatisierungstechnik, 69(12), 1062-1080. http://doi.org/10.1515/auto-2021-0104

Search via ReFindit


Bruzgiene, R., Jurgilas, K. 2021. Securing Remote Access to Information Systems of Critical Infrastructure Using Two-Factor Authentication. Electronics, 10(15), Article Number 1819 http://doi.org/10.3390/electronics10151819

Search via ReFindit


Cernan, M., Muller, Z., Tlusty, J., Halaska, J. 2020. Critical Infrastructure and the Possibility of Increasing its Resilience in the Context of the Energy Sector. In Ed. (Muller, Z., Muller, M.) 21ST INTERNATIONAL SCIENTIFIC CONFERENCE ON ELECTRIC POWER ENGINEERING (EPE). Book Series International Scientific Conference on Electric Power Engineering, 505-509.

Search via ReFindit


Cifranic, N., Hallman, R.A., Romero-Mariona, J., Souza, B., Calton, T., Coca, G. 2020. Decepti-SCADA: A cyber deception framework for active defense of networked critical infrastructures. Internet of Things, 12 Article Number 100320 http://doi.org/10.1016/j.iot.2020.100320

Search via ReFindit


Coole, M., Corkill, J., Woodward, A. 2012. Defence-in-depth, protection in depth and security in-depth: A comparative analysis towards a common usage language. SRI Security Research Institute, Perth, Western Australia: Edith Cowan University.

Search via ReFindit


Dawson, M., Bacius, R., Vassilakos, A. 2021. Understanding the Challenge of Cybersecurity in Critical Infrastructure Sectors. Land Forces Academy Review, XXVI, 1(101), https://doi.org/10.2478/raft-2021-0011

Search via ReFindit


Djenna, A., Harous, S., Saidouni, D.E. 2021. Internet of Things Meet Internet of Threats: New Concern Cyber Security Issues of Critical Cyber Infrastructure. Applied Sciences-Basel, 11(10), Article Number 4580 http://doi.org/10.3390/app11104580

Search via ReFindit


Dong, S.J., Malecha, M., Farahmand, H., Mostafavi, A., Berke, P.R., Woodruff, S.C. 2021. Integrated infrastructure-plan analysis for resilience enhancement of post-hazards access to critical facilities. Cities, 117 Article Number 103318 http://doi.org/10.1016/j.cities.2021.103318

Search via ReFindit


Electric Reliability Corporation. Retrieved from www.nerc.com/pa/comp/Reliability Standard Audits Worksheets DL/RSAW CIP-008-5_2015_v1.docx

Search via ReFindit


Faizan, A. R., Dominic, P.D.D., Kashif, A. 2020. Organizational Governance, Social Bonds and Information Security Policy Compliance: A Perspective towards Oil and Gas Employees, Sustainability, 12(20), 8576 https://doi.org/10.3390/su12208576

Search via ReFindit


Gabrijelcic, D., Caleta, D., Zahariadis, T., Santori, F., Desantis, C., & Gasparini, T. (2020). 13. Part III: Securing Critical Infrastructures of the Energy Sector: Security Challenges for the Critical Infrastructures of the Energy Sector. Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures. https://doi.org/10.1561/9781680836875.ch13

Search via ReFindit


IEEE Standards. 2013. IEEE Cyber Security for the Smart Grid. New York: IEEE Standards. Retrieved from https://ieeexplore.ieee.org/abstract/document/6613505?casa_token=wMK-pzZ6EdwAAAAA:4c4nRqlxSrEEYXLRsUo56fNrE1A_iCQotwioes8cBpp4_GHUmbSvd8FTwjKJaQXODRpQWVQ

Search via ReFindit


ISACA. 2018. COBIT® 2019 Framework: Governance and Management Objectives. ISACA. Retrieved from https://www.isaca.org/bookstore/bookstore-cobit_19-digital/wcb19igio

Search via ReFindit


Kovacevic, A., Putnik, N., Toskovic, O. 2020. Factors Related to Cyber Security Behavior. Ieee Access, 8, 125140-125148 http://doi.org/10.1109/ACCESS.2020.3007867

Search via ReFindit


Krutz, R. L. 2016. Industrial Automation and Control System Security Principles. International Society of Automation; 2nd edition.

Search via ReFindit


Li, J. H. 2020. Overview of Cyber Security Threats and Defense Technologies for Energy Critical Infrastructure. Journal of Electronics & Information Technology, 42(9), 2065-2081. http://doi.org/10.11999/JEIT191055

Search via ReFindit


Limba, T., Plėta, T., Agafonov, K., & Damkus, M. 2017. Cyber security management model for critical infrastructure. Entrepreneurship and Sustainability Issues, 4(4), 559-573. http://dx.doi.org/10.9770/jesi.2017.4.4(12)

Search via ReFindit


Lin, J., Tai, K., Kong, R.T.L., Soon, S.M. 2019. Modelling critical infrastructure network interdependencies and failure. International Journal of Critical Infrastructures, 15(1), 1-23

Search via ReFindit


Loiko, V., Khrapkina, V., Maliar, S., Rudenko, M. 2020. Economic and Legal Principles for Protecting Critical Infrastructure Protection. Financial and Credit Activity-Problems of Theory and Practice, 4(35), 426-437.

Search via ReFindit


NERC. 2019. Cyber Security – Incident Reporting and Response Planning: Implementation Guidance for CIP-008-6. North American

Search via ReFindit


NIST. 2014. Guidelines for Smart Grid Cybersecurity. Washington: NIST. http://dx.doi.org/10.6028/NIST.IR.7628r1

Search via ReFindit


NIST. 2018. Framework for Improving Critical Infrastructure Cybersecurity. Washington: National Institute of Standards and Technology. https://doi.org/10.6028/NIST.CSWP.04162018

Search via ReFindit


Plėta, T., Tvaronavičienė, M., & Casa, S. D. (2020). Cyber effect and security management aspects in critical energy infrastructures. Insights into Regional Development, 2(2), 538-548. https://doi.org/10.9770/IRD.2020.2.2(3)

Search via ReFindit


Rod, B., Lange, D., Theocharidou, M., Pursiainen, C. 2020. From Risk Management to Resilience Management in Critical Infrastructure. Journal Of Management In Engineering, 36(4), Article Number 04020039 ME.1943-5479.0000795 http://doi.org/10.1061/(ASCE)

Search via ReFindit


Securelist by Kaspersky https://securelist.com/ddos-attacks-in-q3-2021/104796/

Search via ReFindit


Sonesson, T.R. Johansson, J., Cedergren, A. 2021. Governance and interdependencies of critical infrastructures: Exploring mechanisms for cross-sector resilience. Safety Science, 142 Article Number 105383 http://doi.org/10.1016/j.ssci.2021.105383

Search via ReFindit


Urlainis, A., Ornai, D., Levy, R., Vilnay, O., Shohet, I.M. 2022. Loss and damage assessment in critical infrastructures due to extreme events. Safety Science, 147. Article Number 105587 http://doi.org/10.1016/j.ssci.2021.105587

Search via ReFindit


Weiss, M., Biermann, F. 2021. Cyberspace and the protection of critical national infrastructure. Journal of Economic Policy Reform http://doi.org/10.1080/17487870.2021.1905530

Search via ReFindit


Wisniewsk, M. 2020. Methodology of situational management of critical infrastructure security. Foundations of Management, 12(1), 43-60. http://doi.org/10.2478/fman-2020-0004

Search via ReFindit


Yao, X.J. Wei, H.H., Shohet, I.M., Skibniewski, M.J. 2020. Assessment of Terrorism Risk to Critical Infrastructures: The Case of a Power-Supply Substation. Applied Sciences, 10(20), Article Number 7162 http://doi.org/10.3390/app10207162

Search via ReFindit