Critical infrastructure protection: Requirements and challenges for the 21st century

Alcaraz, Cristina; Zeadally, Sherali

doi:10.1016/j.ijcip.2014.12.002

Cited by 242 publications

(129 citation statements)

References 43 publications

Supporting

Mentioning

125

Contrasting

Unclassified

Order By: Relevance

“…All of the responding businesses used one or more PCS systems, sometimes more than ten different systems. 3 Since this paper focuses on cybersecurity governance, it only briefly summarizes the -primarily technical -survey findings. 4 Group interviews were held in the form of two workshops with experts and representatives of corporations.…”

Section: Methodsmentioning

confidence: 99%

“…5 The NICC performs facilitative roles such as to monitor; inform; develop preventative instruments; advise government and business; and coordinate action [35]. With regard to PCS security, the NICC publishes factsheets, information brochures and organizes information meetings to 3 Corporations with more than one PCS system were asked to fill in the survey for their most important system. 4 The survey was carried out by Laura Lormann-Zwartelé as part of her master's thesis research and supervised by the author.The full report (in Dutch) is available upon request.…”

Section: Public-private Collaborationmentioning

confidence: 99%

See 1 more Smart Citation

New governance of corporate cybersecurity: a case study of the petrochemical industry in the Port of Rotterdam

Erp

2017

Crime Law Soc Change

View full text Add to dashboard Cite

The petro-chemical industry is a critical infrastructure that is vulnerable to cybercrime. In particular, industrial process control systems contain many vulnerabilities and are known targets for hackers. A cyberattack to a chemical facility can cause enormous risks to the economy, the environment, and public health and safety. This gives rise to the question how corporate cybersecurity has developed; how it is governed; and whether it should be subject to public oversight. This paper presents a case study of the governance of cybersecurity in the petrochemical industry in the Rotterdam Mainport area in the Netherlands, which reflects the 'new governance' view that cybersecurity can best be governed through voluntary public-private partnerships. The paper finds however that actual collaborative governance is not developing in the petrochemical industry in the port of Rotterdam; that corporate awareness and investment in cybersecurity stay behind standards, and that cybersecurity is not included in regulatory inspections. The paper places these findings in the context of three problems often associated with 'new governance' particularly pressing in cybersecurity governance: a weak role of government in publicprivate collaborative arrangements; an expectation that businesses will invest in self-regulation even in the absence of incentives to do so, and a lack of information exchange. In the port of Rotterdam, these problems result in a lack of obligations and accountability pressure on petrochemical corporations, leaving on of the most important chemical industrial hazards of today, largely unregulated. Crime Law Soc Change (2017) 68:75-93

show abstract

Section: Methodsmentioning

confidence: 99%

Section: Public-private Collaborationmentioning

confidence: 99%

New governance of corporate cybersecurity: a case study of the petrochemical industry in the Port of Rotterdam

Erp

2017

Crime Law Soc Change

View full text Add to dashboard Cite

show abstract

“…Hospital organizations are considered as critical infrastructure (CI) to nation states [3,25]. As a critical infrastructure, hospital organizations are prone to security threats that can affect health policies, public health, healthcare services, surgical procedures, electronic patient records, patient privacy, doctor-patient communication, etc.…”

Section: Futures Digital Hospitalmentioning

confidence: 99%

Cybersecurity Business Models for IoT-Mobile Device Management Services in Futures Digital Hospitals

Gomes

Iivari

Ahokangas

et al. 2017

JICTS

View full text Add to dashboard Cite

Hospitals as critical infrastructures has been historically dependent on various types of devices and equipment that are being revolutionized with digitalized solutions. The digitalization of conventional healthcare equipment is added with the new inclusion of numerous new devices for data collection, analysis, communication, and so on. All in all, the futures digital hospitals in 5G will be exponentially more data-dependent and digital-intensive. For that, this paper looks to theorize how the security scenario in a futures digital hospital would look like, and what relevant business possibilities could emerge for cybersecurity providers in the healthcare context. In this paper, we open up discussions on business possibilities relevant to Internet of Things-mobile device management for critical infrastructures such as future digital hospital. We apply business models as a conceptual lens to analyze how cybersecurity business could evolve for 5G enabled IoT-Mobile device management providers as a cybersecurity vendor.

show abstract

“…This is especially emphasized when taking in to the account services with high security requirements such as critical infrastructure services. Hence, the analysis of security issues in cloud attracted broad research interest [13], [14], [15], [16], [17], [18], [19], [20], [21], [13]. However, majority of the research community concluded that the current security methods and techniques in cloud are not mature enough to reliably support hosting services in cloud.…”

Section: A Critical Infrastructure Security Challengesmentioning

confidence: 99%

“…[21] based on their detailed security analysis for various critical infrastructure providers, outlined major security issues in the cloud that hinder the migration of critical infrastructure services. Alcaraz and Zeadally in their survey [13] highlighted the vital role of critical infrastructures in modern society. However, they elaborated security challenges of critical infrastructure assets are mainly focusing on the industrial control systems (SCADA).…”

Section: A Critical Infrastructure Security Challengesmentioning

confidence: 99%

Impact of Critical Infrastructure Requirements on Service Migration Guidelines to the Cloud

Wagner

Hudic

Maksuti

et al. 2015

2015 3rd International Conference on Future Internet of Things and Cloud

View full text Add to dashboard Cite

Abstract-A high level of information security in critical infrastructure IT systems and services has to be preserved when migrating their IT services to the cloud. Often various legislative and security constraints have to be met in line with best practice guidelines and international standards to perform the migration. To support the critical infrastructure providers in migrating their services to the cloud we are developing a process based migration guideline for critical infrastructure providers focusing on information security. First of all we investigate, via questionnaires, how the importance of individual security topics covered in such guidelines differentiates between industry stakeholders and critical infrastructure providers. This supports the selection of relevant security topics and the considered guidelines and standards, which we survey in search for common relevant security topics. Subsequently we present the analysis of the above-mentioned security requirements and how they affect a here developed taxonomy for a process-based security guideline. Furthermore we present potential service migration use cases and how our methodology would affect the migration of secure critical infrastructure services.

show abstract

Critical infrastructure protection: Requirements and challenges for the 21st century

Cited by 242 publications

References 43 publications

New governance of corporate cybersecurity: a case study of the petrochemical industry in the Port of Rotterdam

New governance of corporate cybersecurity: a case study of the petrochemical industry in the Port of Rotterdam

Cybersecurity Business Models for IoT-Mobile Device Management Services in Futures Digital Hospitals

Impact of Critical Infrastructure Requirements on Service Migration Guidelines to the Cloud

Contact Info

Product

Resources

About