{"title":"What happens in a control room during a cybersecurity attack?: Preliminary observations from a pilot study","authors":"E. Nystad, Vikash Katta, J. Simensen","doi":"10.1145/3387940.3391454","DOIUrl":null,"url":null,"abstract":"Cyberattacks on the critical infrastructure is a growing concern for businesses, national authorities and public in general. The increasing complexity and connectivity of the critical infrastructure systems have made them susceptible to cyberattacks. The traditional notion of safety systems being isolated is no longer applicable, as we have seen ample examples on how these systems can be exploited through gaps in e.g. supply chain, physical security, insiders. This places greater importance on how the staff belonging to owners and operators of these critical infrastructure, e.g. operators, IT/security personnel, system engineers, management, are prepared to handle cyberattacks. This paper presents our ongoing research on investigating the preparedness of organisations to handle cybersecurity incidents and providing holistic solutions to improve cybersecurity posture. We present one experiment that has been conducted using our cybersecurity centre and man-machine laboratory to study how operators and security team of a power plant will handle a cyberattack. We highlight the main observations made through this experiment.","PeriodicalId":309659,"journal":{"name":"Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2020-06-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the IEEE/ACM 42nd International Conference on Software Engineering Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3387940.3391454","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 3
Abstract
Cyberattacks on the critical infrastructure is a growing concern for businesses, national authorities and public in general. The increasing complexity and connectivity of the critical infrastructure systems have made them susceptible to cyberattacks. The traditional notion of safety systems being isolated is no longer applicable, as we have seen ample examples on how these systems can be exploited through gaps in e.g. supply chain, physical security, insiders. This places greater importance on how the staff belonging to owners and operators of these critical infrastructure, e.g. operators, IT/security personnel, system engineers, management, are prepared to handle cyberattacks. This paper presents our ongoing research on investigating the preparedness of organisations to handle cybersecurity incidents and providing holistic solutions to improve cybersecurity posture. We present one experiment that has been conducted using our cybersecurity centre and man-machine laboratory to study how operators and security team of a power plant will handle a cyberattack. We highlight the main observations made through this experiment.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
