Search results for "Critical infrastructure"
showing 10 items of 20 documents
Effects of cyber domain in crisis management
2019
There is fundamental need in EU-level to develop common alarm procedures and emergency response models with preventive functions which work well from local to national level and from national to international level. European Public Protection and Disaster Relief (PPDR) services such as law enforcement, firefighting, emergency medical and disaster recovery services have recognized that lack of interoperability of technical systems limits cooperation between the PPDR authorities. Also, the military (MIL) and critical infrastructure protection (CIP) faces similar challenges. Recent major accidents have indicated that lack of human resources affects to disaster recovery. PPDR-actors cannot star…
Group model building: a collaborative modelling methodology applied to critical infrastructure protection
2012
Large crises management, affecting CIs needs multidisciplinary knowledge including technical, economical, social, political, legal and managerial knowledge. Being these crises international a huge variety of agents is involved in their response. This situation concludes in a set of stakeholders who only have fragmented knowledge. In the presence of dispersed and incomplete knowledge, and of fragmented and disrupted crisis management, the collaborative approach group model building (GMB), where modelling experts unify fragmented, tacit knowledge from domain experts, is a valuable option. However, GMB has been little used in CIP. We have done so in the context a European project on crisis man…
Cyber Situational Awareness in Critical Infrastructure Organizations
2021
The capability related to cybersecurity plays an ever-growing role on overall national security and securing the functions vital to society. The national cyber capability is mainly composed by resilience of companies running critical infrastructures and their cyber situational awareness (CSA). According to a common view, components of critical infrastructures become more complex and interdependent on each other and, as a consequence, ramifications of incidents multiply. In practice, the actions relate to developing better CSA and understanding of a critical infrastructure organization. The aim is to prepare for incidents and their management in a whole-of-society approach. The arrangement i…
Cyber-Security in Digital Metering Value Chain for Mountain Landslide Warning
2021
The Norwegian Water Resources and Energy Directorate (NVE) are initiating a digitalization process that involves the use of a digital metering value chain and cloud computing. The main objective of this study is to investigate how NVE can ensure cyber-security in digital meters and the cloubased metering value chain for mountain landslide warning. The study is based on a qualitative approach including methods like document analysis and semi structured interviews used as input to a risk analysis based on the ISO 31000 standard. The risk analysis covered three different scenarios from NVE. Those three scenarios were internal, external Norwegian, and transnational value chains for metering lan…
Cyber Situational Awareness in Critical Infrastructure Protection
2020
The European Union promotes collaboration between authorities and the private sector, and the providers of the most critical services to society face security related obligations. In this paper, critical infrastructure is seen as a system of systems that can be subject to cyber-attacks and other disturbances. Situational awareness (SA) enhances preparations for and decision-making during assessed and unforeseen disruptive incidents, and promoting Cyber effective situational awareness (CSA) requires information sharing between the different interest groups. This research is constructive in nature, where innovative constructions developed as solutions for domain-specific real world problem…
Towards a resilience management guideline — Cities as a starting point for societal resilience
2019
Unexpected crises and risks affect the urban population. Critical infrastructure dependency, climate change and social dynamics have captured the attention of city decision makers across different disciplines, sectors, and scales. Addressing these challenges mandates an increase in resilience. This article presents the development of the novel European Resilience Management Guideline (ERMG) developed by the European H2020 Smart Mature Resilience (SMR) project. It encompasses five supporting tools for city resilience. The purpose of this article is threefold. First, it describes the extensive co-creation methods used to establish, validate and test the five ERMG tools as collaborations among…
Terveydenhuolto ja kyberuhkat
2019
Kyberturvallisuusstrategian vision mukaan Suomen tulee kyetä suojaamaan elintärkeät toimintonsa kyberuhkaa vastaan kaikissa tilanteissa. Terveydenhuolto on yksi elintärkeistä toiminnoista. Terveystoimiala on kyberhyökkäysten top-5-listalla ensimmäisenä. Hyökkäysten keskeisin motivaatio on potilastietojen arvo pimeillä markkinoilla. Vuonna 2015 varastettiin yli satamiljoonaa potilastietoa, jotka sisältävät rikollisille arvokkaita tietoja, kuten luottokorttinumeroita, työnantajatietoja ja sairaushistoriatietoja. Tässä artikkelissa kuvataan terveydenhuoltoon liittyviä kyberuhkia, kyberhaavoittuvuuksia ja toteutuneita kyberhyökkäyksiä kybermaailman eri ulottuvuudet kattaen. Tarkastelussa käytet…
Insecure Firmware and Wireless Technologies as “Achilles’ Heel” in Cybersecurity of Cyber-Physical Systems
2022
In this chapter, we analyze cybersecurity weaknesses in three use-cases of real-world cyber-physical systems: transportation (aviation), remote explosives and robotic weapons (fireworks pyrotechnics), and physical security (CCTV). The digitalization, interconnection, and IoT-nature of cyber-physical systems make them attractive targets. It is crucial to ensure that such systems are protected from cyber attacks, and therefore it is equally important to study and understand their major weaknesses. peerReviewed
Health care and cyber threats
2019
Emergency Response Model as a part of the Smart Society
2021
Centralized hybrid emergency model with predictive emergency response functions is necessary when the purpose is to protect the critical infrastructure (CI). A shared common operational picture among Public Protection and Disaster Relief (PPDR) authorities means that a real-time communication link from the local level to the state-level exists. If a cyberattack would interrupt electricity transmission, telecommunication networks will discontinue operating. Cyberattack becomes physical in the urban and maritime area if an intrusion has not been detected. Hybrid threats require hybrid responses. The purpose of this qualitative research was to find out technological-related fundamental risks …