Jouni Pöyhönen scite author profile

Cybersecurity-related capabilities play an ever-growing role in national security, as well as securing the functions vital to society. The national cyber capability includes the resilience of companies running critical infrastructures, their cyber situational awareness (SA) and the sharing of cybersecurity information required for cyber SA. As critical infrastructures become more complex and interdependent, ramifications of incidents multiply. The EU Network and Information Security Directive calls for cybersecurity collaboration between EU member states regarding critical infrastructures and places the most crucial service providers and digital service providers under security-related obligations. Developing better SA requires information sharing between the different interest groups and enhances the preparation for and management of incidents. The arrangement is based on drawing correct situation-specific conclusions and, when needed, on sharing critical knowledge in the cyber networks. The target state is achieved with an efficient process that includes a three-level-strategic, operational and technical/tactical-operating model to support decision-making by utilizing national and international strengths. In the dynamic cyber environment strategic agility and speed are needed to prepare for incidents.

Emerging Cyber risk Challenges in Maritime Transportation

Simola

2022

iccws

Maritime security and surveillance have become one of the main areas in managing overall situational awareness.For example, the growing importance of maritime traffic in cross-border trade has created new pressures to develop newtechnologies for accident prevention, especially in the ports. Maritime safety is also a matter of concern for continuitymanagement. Automatic ship alarm systems, coastal radars and coastal cameras are not alone sufficient equipment to buildmaritime awareness. The Universal Shipborne Automatic Identification System (AIS) is a ship transponder system that is aglobally used tracking system, but highly vulnerable to hacking. A major maritime traffic problem arises if transponders areswitched off. Hybrid threats need coordinated hybrid responses; therefore, a cyber situational picture is also needed. Cybersituational awareness is an essential part of the management of maritime situational awareness. The lack of using real-timedata from the maritime actors affects the correct formation of the common situational picture—for example, from the siteof an accident. Cyber security is an essential factor in developing fairway navigation and all terminal (port-to-port) activities.This research will be done as a part of the SMARTER (Smart Terminals) -project that belongs to the SEA4VALUE program. Theproject aims to develop unique digitalized concepts that enhance safe transportation and reduce emissions in the port andthe terminal areas. By using the multiagent system with sensor technology, e.g., in the harbors, it is possible to gather andshare meaningful maritime security-related data. The study's primary purpose is to describe the operating environment andmake an initial analysis of system requirements for optimizing situational awareness in the area of western ports of Finland

Cyber Security of an Electric Power System in Critical Infrastructure

2022

Cyber Situational Awareness in Critical Infrastructure Organizations

Rajamäki

Nuojua

et al. 2021

The capability related to cybersecurity plays an ever-growing role on overall national security and securing the functions vital to society. The national cyber capability is mainly composed by resilience of companies running critical infrastructures and their cyber situational awareness (CSA). According to a common view, components of critical infrastructures become more complex and interdependent on each other, and that way, ramifications of incidents multiply. In practice, the actions relate to developing better CSA and understanding of a critical infrastructure organization. The aim is to develop the preparation for incidents and their management in the whole society. The arrangement is based on drawing correct situation-specific conclusions and, when needed, on sharing critical knowledge in the cyber networks of society. The target state is achieved with an efficient process that includes a three-leveled (strategic, operational and technical/tactical) operating model related to the organization's decision-making. Cyber environment is dynamic meaning that especially the strategic agility is required when preparing for incidents. The pervasive incidents targeting society are a challenging cyber environment when it comes to the critical reaction speed required by the situation management.

Cyber Situational Awareness in Critical Infrastructure Protection

Ann. Disaster Risk Sci.

Rajamäki

Ruoslahti

et al. 2020

The European Union promotes collaboration between authorities and the private sector, and the providers of the most critical services to society face security related obligations. In this paper, critical infrastructure is seen as a system of systems that can be subject to cyber-attacks and other disturbances. Situational awareness (SA) enhances preparations for and decision-making during assessed and unforeseen disruptive incidents, and promoting Cyber effective situational awareness (CSA) requires information sharing between the different interest groups. This research is constructive in nature, where innovative constructions developed as solutions for domain-specific real world problems, while the research question is: “How can cyber situational awareness protect critical infrastructures?” The Observe – Orient – Decide – Act (OODA) loop is examined as a way to promote collaboration towards a shared situational picture, awareness and understanding to meet challenges of forming CSA in relation to risk assessment (RA) and improving resilience. Three levels of organizational decision-making are examined in relation a five-layer cyber structure of an organization to provide a more comprehensive systems view of organizational cyber security. Successful, crisis-management efforts enable organizations to sustain and resume operations, minimize losses, and adapt to manage future incidents, as many critical infrastructures typically lack resilience and may easily lose essential functionality when hit by an adverse event. Situation awareness is the main prerequisite towards cyber security. Without situation awareness, it is impossible to systematically prevent, identify, and protect the system from cyber incidents.