
2016 | OriginalPaper | Book chapter

Zebras and Lions: Better Incident Handling Through Improved Cooperation

Written by: Martin Gilje Jaatun, Maria Bartnes, Inger Anne Tøndel

Published in: Innovations for Community Services

Publisher: Springer International Publishing


Abstract

The ability to appropriately prepare for, and respond to, information security incidents, is of paramount importance, as it is impossible to prevent all possible incidents from occurring. Current trends show that the power and automation industry is an attractive target for hackers. A main challenge for this industry to overcome is the differences regarding culture and traditions, knowledge and communication, between Information and Communication Technology (ICT) staff and industrial control system staff. Communication is necessary for knowledge transfer, which in turn is necessary to learn from previous incidents in order to improve the incident handling process. This article reports on interviews with representatives from large electricity distribution service operators, and highlights challenges and opportunities for computer security incident handling in the industrial control system space.


Footnotes
2
Although this is generally no longer the case.
3
A bug is a programming error, while a flaw is a more high-level architecture or design error.
Metadata
Title
Zebras and Lions: Better Incident Handling Through Improved Cooperation
Written by
Martin Gilje Jaatun
Maria Bartnes
Inger Anne Tøndel
Copyright year
2016
DOI
https://doi.org/10.1007/978-3-319-49466-1_9