Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to main content
Springer Nature Link
Log in

A Structured Approach to Incident Response Management in the Oil and Gas Industry

  • Conference paper
Critical Information Infrastructure Security (CRITIS 2008)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5508))

Abstract

Incident Response is the process of responding to and handling ICT security related incidents involving infrastructure and data. This has traditionally been a reactive approach, focusing mainly on technical issues. In this paper we present the Incident Response Management (IRMA) method, which combines traditional incident response with pro-active learning and socio-technical perspectives. The IRMA method is targeted at integrated operations within the oil and gas industry.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Hackers Have Attacked Foreign Utilities, CIA Analyst Says, http://www.washingtonpost.com/wp-dyn/content/article/2008/01/18/AR2008011803277.html

  2. Information technology - Security techniques - Information security incident management. Tech. Rep. TR 18044:2004, ISO/IEC (2004)

    Google Scholar 

  3. Integrated Operations on NCS (2004), http://www.olf.no/?22894.pdf

  4. Information technology – security techniques – code of practice for information security management, ISO/IEC Std. 27002 (2005)

    Google Scholar 

  5. Information technology – security techniques – information security management systems – requirements, ISO/IEC Std. 27001 (2005)

    Google Scholar 

  6. Albrechtsen, E.: Friend or foe? Information security management of employees. Ph.D. thesis, NTNU (2008)

    Google Scholar 

  7. Argyris, C., Schön, D.A.: Organisational learning: A theory of action perspective. Addison-Wesley, Reading (1978)

    Google Scholar 

  8. Cooke, D.L.: Learning from Incidents. In: Proceedings of the 21st System Dynamics Conference (2003)

    Google Scholar 

  9. Cormack, A., et al.: TRANSITS course material for training of network security incident teams staff. Tech. rep., TERENA (2005)

    Google Scholar 

  10. Dhillon, G., Backhouse, J.: Current directions in IS security research: towards socio-organizational perspectives. Information Systems Journal 11(2), 127–153 (2001)

    Article  Google Scholar 

  11. Forte, D.: Security standardization in incident management: the ITIL approach. Network Security 2007(1), 14–16 (2007)

    Article  Google Scholar 

  12. Grance, T., Kent, K., Kim, B.: Computer security incident handling guide. Tech. Rep. Special Publication 800-61, NIST (2004), http://csrc.nist.gov/publications/nistpubs/800-61/sp800-61.pdf

  13. Hammer, M., Champy, J.A.: Re-engineering the Corporation: A Manifesto for Business Revolution. Harper Collins (1993)

    Google Scholar 

  14. Hendrick, K., Benner, L.: Investigating accidents with STEP. CRC Press, Boca Raton (1986)

    Google Scholar 

  15. Jaatun, M.G., Albrechtsen, E., Line, M.B., Johnsen, S.O., Wærø, I., Longva, O.H., Tøndel, I.A.: A Study of Information Security Practice in a Critical Infrastructure Application. In: Rong, C., Jaatun, M.G., Sandnes, F.E., Yang, L.T., Ma, J. (eds.) ATC 2008. LNCS, vol. 5060, pp. 527–539. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  16. Jaatun, M.G., Johnsen, S.O., Line, M.B., Longva, O.H., Tøndel, I.A., Albrechtsen, E., Wærø, I.: Incident Response Management in the oil and gas industry. Tech. Rep. SINTEF A4086, SINTEF ICT (2007), http://www.sintef.no/upload/10977/20071212_IRMA_Rapport.pdf

  17. Jaatun, M.G. (ed.): Arbeidsseminar om IKT-sikkerhet i Integrerte Operasjoner: Referat (in Norwegian only). Tech. rep., SINTEF (2007), http://www.sintef.no/upload/10977/sluttrapport.pdf

  18. Johnsen, S.O., Ask, R., Røisli, R.: Reducing Risk in Oil and Gas Production Operations. In: Goetz, E., Shenoi, S. (eds.) First Annual IFIP WG 11.10 International Conference, Critical Infrastructure Protection (2007)

    Google Scholar 

  19. Johnsen, S.O., Bjørkli, C., Steiro, T., Fartum, H., Haukenes, H., Ramberg, J., Skriver, J.: CRIOP: A scenario method for Crisis Intervention and Operability analysis. Tech. Rep. STF38 A03424, SINTEF (2003), www.criop.sintef.no

  20. Kjellén, U.: Prevention of accidents through experience feedback. Taylor and Francis, Abington (2000)

    Book  Google Scholar 

  21. Klinke, A., Renn, O.: A new approach to risk evaluation and management: risk-based, precaution-based and discourse-based strategies. Risk Analysis 22(6), 1071–1094 (2002)

    Article  Google Scholar 

  22. Mitropoulos, S., Patsos, D., Douligeris, C.: On Incident Handling and Response: A state-of-the-art approach. Computers & Security 25(5), 351–370 (2006)

    Article  Google Scholar 

  23. Siponen, M.T., Oinas-Kukkonen, H.: A review of information security issues and respective research contributions. Database for Advances in Information Systems 38(1), 60 (2007)

    Article  Google Scholar 

  24. Slovic, P.: The perception of risk. Earthscan, London (2000)

    Google Scholar 

  25. Stouffer, K., Falco, J., Kent, K.: Guide to industrial control systems (ics) security (2nd draft). Tech. Rep. Special Publication 800-82, NIST (2007), http://csrc.nist.gov/publications/drafts/800-82/2nd-Draft-SP800-82-clean.pdf

Download references

Author information

Authors and Affiliations

  1. SINTEF, N-7465, Trondheim, Norway

    Maria B. Line, Eirik Albrechtsen, Martin Gilje Jaatun, Inger Anne Tøndel, Stig Ole Johnsen, Odd Helge Longva & Irene Wærø

Authors
  1. Maria B. Line
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Eirik Albrechtsen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Martin Gilje Jaatun
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Inger Anne Tøndel
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Stig Ole Johnsen
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Odd Helge Longva
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Irene Wærø
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Complex Systems & Security Lab, University CAMPUS Bio-Medico of Roma, Italy

    Roberto Setola

  2. IABG mbH Germany, InfoCom, Safety and Security, Dept. for Critical Infrastructures, Einsteinstr. 20, 855211, Ottobrunn, Germany

    Stefan Geretshuber

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Line, M.B. et al. (2009). A Structured Approach to Incident Response Management in the Oil and Gas Industry. In: Setola, R., Geretshuber, S. (eds) Critical Information Infrastructure Security. CRITIS 2008. Lecture Notes in Computer Science, vol 5508. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03552-4_21

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-03552-4_21

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-03551-7

  • Online ISBN: 978-3-642-03552-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation