Abstract
The ability to appropriately prepare for, and respond to, information security incidents is of paramount importance, as it is impossible to prevent all possible incidents from occurring. Current trends show that the power and automation industry is an attractive target for hackers. A main challenge for this industry is to overcome the differences in culture and traditions, knowledge and communication between Information and Communication Technology (ICT) staff and industrial control system staff. Communication is necessary for knowledge transfer, which in turn is necessary to learn from previous incidents in order to improve the incident handling process. This article reports on interviews with representatives from large electricity distribution service operators, and highlights challenges and opportunities for computer security incident handling in the industrial control system space.
Notes
- 2. Although this is generally no longer the case.
- 3. A bug is a programming error, while a flaw is a more high-level architecture or design error.
Acknowledgments
The authors would like to thank the distribution system operators who have contributed with informants for our interviews. This research has been supported by the Norwegian Research Council through the projects DeVID and Flexnett.
Copyright information
© 2016 Springer International Publishing AG
About this paper
Cite this paper
Jaatun, M.G., Bartnes, M., Tøndel, I.A. (2016). Zebras and Lions: Better Incident Handling Through Improved Cooperation. In: Fahrnberger, G., Eichler, G., Erfurth, C. (eds) Innovations for Community Services. I4CS 2016. Communications in Computer and Information Science, vol 648. Springer, Cham. https://doi.org/10.1007/978-3-319-49466-1_9
DOI: https://doi.org/10.1007/978-3-319-49466-1_9
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-49465-4
Online ISBN: 978-3-319-49466-1
eBook Packages: Computer Science, Computer Science (R0)