0000000000043463
AUTHOR
Jussi Simola
Developing Cybersecurity in an Industrial Environment by Using a Testbed Environment
Critical infrastructure protection requires a testing environment that allows the testing of different kinds of equipment, software, networks, and tools to develop vital functions of the critical industrial environment. Used electrical equipment must be reliable, capable and maintain a stable critical industrial ecosystem. An industrial business needs to develop cybersecurity capabilities that detect and prevent IT/ICT and OT/ICS threats in an industrial environment. The emerging trend has been to create security operations center (SOC) services to detect ICS-related threats in enterprise networks. The energy supply sector must consist of crucial elements for safe business continuity and su…
Effects of cyber domain in crisis management
There is fundamental need in EU-level to develop common alarm procedures and emergency response models with preventive functions which work well from local to national level and from national to international level. European Public Protection and Disaster Relief (PPDR) services such as law enforcement, firefighting, emergency medical and disaster recovery services have recognized that lack of interoperability of technical systems limits cooperation between the PPDR authorities. Also, the military (MIL) and critical infrastructure protection (CIP) faces similar challenges. Recent major accidents have indicated that lack of human resources affects to disaster recovery. PPDR-actors cannot star…
Assessment of Cyber Security risks : A Smart Terminal Process
In Finland, the connections to global maritime transportation logistics systems are an essential part of the national critical infrastructure. As a part of maritime logistics systems, the port's operations are important elements for global maritime traffic and the transportation supply chain. Digitalization of seaport services makes it possible to increase the efficiency of terminal systems in the logistic processes. At the same time, port logistic processes can notably reduce its CO2 emissions by optimizing port operations. The improvement of port processes relies very much on the development of Information and Communication Technology (ICT) and Industrial Control Systems (ICS) or Operatio…
Smart Terminal System of Systems’ Cyber Threat Impact Evaluation
Systems of system-level thinking is required when the purpose is to develop a coherent understanding of the ecosystem where every user and system requirements are divided into specific parts. The smarter project, as a part of the Sea4value program of DIMECC, aims to develop harbor operations, including passenger and cargo transportation, in a way that port processes will improve, emissions will decrease, and overall security will enhance in smart ports. This paper describes cyber-attack impacts against the Smart terminal system of systems in the cyber realm by utilizing the MITRE ATTACK® framework to map the objectives of threat actors. The Smart Terminal system environment includes ICT, IC…
Basic Elements of Cyber Security for a Smart Terminal Process
Global maritime transportation and logistics systems are essential parts of critical infrastructures in every society, and a crucial part of maritime logistics processes are seaports. Digitalization helps improve the efficiency of terminal systems in the processes of these ports. In Finland this development is going on and it is called SMARTER research program. In the best cases, digitalization can also promote the reduction of emissions by optimizing port operations and enhancing cargo and people flows while improving the experience for all stakeholders. The improvement of port processes relies on the development of Information and Communication Technology (ICT) and as well as on Industria…
Emerging Cyber risk Challenges in Maritime Transportation
Maritime security and surveillance have become one of the main areas in managing overall situational awareness. For example, the growing importance of maritime traffic in cross-border trade has created new pressures to develop new technologies for accident prevention, especially in the ports. Maritime safety is also a matter of concern for continuity management. Automatic ship alarm systems, coastal radars and coastal cameras are not alone sufficient equipment to build maritime awareness. The Universal Shipborne Automatic Identification System (AIS) is a ship transponder system that is a globally used tracking system, but highly vulnerable to hacking. A major maritime traffic problem arises…
Cyber Threat Analysis in Smart Terminal Systems
Cyber threats create significant factors that challenge traditional threat prevention mechanisms in harbor areas and port terminals. It has been recognized that understanding security functionalities in the harbor area is based on a more traditional experience of what it requires. It is not enough that the maritime and harbor ecosystem repeats only physical security service routines regarding random checks of passengers and vehicles and customs functions on cargo and passenger transportation. Smart environments and infrastructures are widely expanded in urban areas and create more challenges if old practices are combined with new technologies and functionalities. Traditional threats have ch…
How to apply privacy by design in osint and big data analytics?
In a world where technology grows exponentially, more information is available to us every day. States and their governments have collected information on their citizens for a long time now. On the other hand, people give out more and more personal information voluntarily through social media. Information available on the Internet is easier to analyze with modern technologies and the original source of information is also easier to track down. Information is available to all of us and that information can be used to investigate personal data, defeat competitors in a corporate world, solve crimes or even win wars. This study analyses open source intelligence (OSINT) and big data analytics (B…
Literature Review of Scientific Articles about Cyber Information Sharing
This literature review presents a review of cyber information sharing based on systematic queries in four scientific databases. Hundreds of articles were handled and clustered. Relevant publications concerning cyber information sharing are succinctly described in the paper. The findings are discussed from the perspective of how to develop a cybersecurity information sharing system and what possible features might be included in the system. The literature review will comprise a new database for the Echo Early Warning System (E-EWS) concept. E-EWS aims at delivering a security operations support tool, enabling the members of the ECHO network to coordinate and share information in near real-ti…