Cyber security management model for critical infrastructure

Research output: Contribution to journalArticle

  • 7 Citations

Abstract

Cyber security is the most critical aspect nowadays of our technologically based lives. Government institutions, banking sectors, public and private services, nuclear power plants, power grid operators, water suppliers or waste water treatment companies use information technologies in their day-to-day operations. Everything that uses technologies are based on communication and information systems and that means that it depends on cyber security. The public and private sector each year spend millions of dollars on technologies, security software and hardware devices that will increase the cyber security inside their companies, but they are still vulnerable. The main problem of this situation is that cyber security is still usually treated as a technical aspect or technology which can be easily implemented inside the organization and this implementation will guarantee cyber security. This attitude must change, because cyber security nowadays is something more than just the technology. This article presents the taxonomy of the critical infrastructure attacks, analyzes attack vectors and attack methods used to damage critical infrastructure as well as the most common cyber security mistakes which organizations make in the cyber security field when trying to make themselves safer from vulnerabilities. The main aim of this article is to provide theoretical aspects of the cyber security management model which can be used to ensure security of critical infrastructure in an organization or company. The cyber security management model that is presented in this article is analyzed from management perspectives and is not concerned with technological aspects and products that are used to protect critical infrastructure from cyber security attacks and vulnerabilities.
LanguageEnglish
Pages559-573
JournalEntrepreneurship and Sustainability Issues
Volume4
Issue number4
DOIs
StatePublished - 2017

Fingerprint

Critical infrastructures
Industry
Taxonomies
Water treatment
Nuclear power plants
Information technology
Communication systems
Information systems
Wastewater
Hardware
Water

Keywords

  • Cyber security
  • management
  • critical infrastructure

Cite this

Cyber security management model for critical infrastructure. / Limba, Tadas; Plėta, Tomas; Agafonov, Konstantin; Damkus, Martynas .

In: Entrepreneurship and Sustainability Issues, Vol. 4, No. 4, 2017, p. 559-573.

Research output: Contribution to journalArticle

@article{58ac538d7b034da0a96f164122df1b2d,
title = "Cyber security management model for critical infrastructure",
abstract = "Cyber security is the most critical aspect nowadays of our technologically based lives. Government institutions, banking sectors, public and private services, nuclear power plants, power grid operators, water suppliers or waste water treatment companies use information technologies in their day-to-day operations. Everything that uses technologies are based on communication and information systems and that means that it depends on cyber security. The public and private sector each year spend millions of dollars on technologies, security software and hardware devices that will increase the cyber security inside their companies, but they are still vulnerable. The main problem of this situation is that cyber security is still usually treated as a technical aspect or technology which can be easily implemented inside the organization and this implementation will guarantee cyber security. This attitude must change, because cyber security nowadays is something more than just the technology. This article presents the taxonomy of the critical infrastructure attacks, analyzes attack vectors and attack methods used to damage critical infrastructure as well as the most common cyber security mistakes which organizations make in the cyber security field when trying to make themselves safer from vulnerabilities. The main aim of this article is to provide theoretical aspects of the cyber security management model which can be used to ensure security of critical infrastructure in an organization or company. The cyber security management model that is presented in this article is analyzed from management perspectives and is not concerned with technological aspects and products that are used to protect critical infrastructure from cyber security attacks and vulnerabilities.",
keywords = "Cyber security, management, critical infrastructure",
author = "Tadas Limba and Tomas Plėta and Konstantin Agafonov and Martynas Damkus",
year = "2017",
doi = "10.9770/jesi.2017.4.4(12)",
language = "English",
volume = "4",
pages = "559--573",
journal = "Entrepreneurship and Sustainability Issues",
issn = "2345-0282",
publisher = "Entrepreneurship and Sustainability Center",
number = "4",

}

TY - JOUR

T1 - Cyber security management model for critical infrastructure

AU - Limba,Tadas

AU - Plėta,Tomas

AU - Agafonov,Konstantin

AU - Damkus,Martynas

PY - 2017

Y1 - 2017

N2 - Cyber security is the most critical aspect nowadays of our technologically based lives. Government institutions, banking sectors, public and private services, nuclear power plants, power grid operators, water suppliers or waste water treatment companies use information technologies in their day-to-day operations. Everything that uses technologies are based on communication and information systems and that means that it depends on cyber security. The public and private sector each year spend millions of dollars on technologies, security software and hardware devices that will increase the cyber security inside their companies, but they are still vulnerable. The main problem of this situation is that cyber security is still usually treated as a technical aspect or technology which can be easily implemented inside the organization and this implementation will guarantee cyber security. This attitude must change, because cyber security nowadays is something more than just the technology. This article presents the taxonomy of the critical infrastructure attacks, analyzes attack vectors and attack methods used to damage critical infrastructure as well as the most common cyber security mistakes which organizations make in the cyber security field when trying to make themselves safer from vulnerabilities. The main aim of this article is to provide theoretical aspects of the cyber security management model which can be used to ensure security of critical infrastructure in an organization or company. The cyber security management model that is presented in this article is analyzed from management perspectives and is not concerned with technological aspects and products that are used to protect critical infrastructure from cyber security attacks and vulnerabilities.

AB - Cyber security is the most critical aspect nowadays of our technologically based lives. Government institutions, banking sectors, public and private services, nuclear power plants, power grid operators, water suppliers or waste water treatment companies use information technologies in their day-to-day operations. Everything that uses technologies are based on communication and information systems and that means that it depends on cyber security. The public and private sector each year spend millions of dollars on technologies, security software and hardware devices that will increase the cyber security inside their companies, but they are still vulnerable. The main problem of this situation is that cyber security is still usually treated as a technical aspect or technology which can be easily implemented inside the organization and this implementation will guarantee cyber security. This attitude must change, because cyber security nowadays is something more than just the technology. This article presents the taxonomy of the critical infrastructure attacks, analyzes attack vectors and attack methods used to damage critical infrastructure as well as the most common cyber security mistakes which organizations make in the cyber security field when trying to make themselves safer from vulnerabilities. The main aim of this article is to provide theoretical aspects of the cyber security management model which can be used to ensure security of critical infrastructure in an organization or company. The cyber security management model that is presented in this article is analyzed from management perspectives and is not concerned with technological aspects and products that are used to protect critical infrastructure from cyber security attacks and vulnerabilities.

KW - Cyber security

KW - management

KW - critical infrastructure

U2 - 10.9770/jesi.2017.4.4(12)

DO - 10.9770/jesi.2017.4.4(12)

M3 - Article

VL - 4

SP - 559

EP - 573

JO - Entrepreneurship and Sustainability Issues

T2 - Entrepreneurship and Sustainability Issues

JF - Entrepreneurship and Sustainability Issues

SN - 2345-0282

IS - 4

ER -