New publication: “Towards a Global CIs’ Cyber-Physical Security Management and Joint Coordination Approach”
Open access – CONFERENCE PAPER
Towards a Global CIs’ Cyber-Physical Security Management and Joint Coordination Approach
By Vasiliki Mantzana, Eftichia Georgiou, Anna Gazi, Ilias Gkotsis, Ioannis Chasiotis and Georgios Eftychidis | Center for Security Studies (KEMEA), Athens, Greece
Published in Cyber-Physical Security for Critical Infrastructures Protection, pp. 155 – 170, First International Workshop, CPS4CIP 2020, Guildford, UK, September 18, 2020, Revised Selected Papers
Abstract
Critical Infrastructures (CIs) face numerous cyber-physical threats that can affect citizens’ lives and habits, increase their feeling of insecurity, and influence the seamless services provision. During such incidents, but also in general for the security of CIs several internal and external stakeholders are involved, having different needs and requirements, trying to cooperate, respond and recover. Although CIs security management process is well analyzed in the literature there is a need to set a common ground among different CIs, thus reducing administration/coordination overhead and rendering the decision making and crisis management process more efficient. In this direction, this paper considers three different CIs (airport facilities, gas infrastructures, and hospitals); presents the current and emerging physical and cyber security related regulations and standards, operations, organisational and technical measure and; finally, through the discussion on gaps and best practices identified, proposes a global, cyber-physical security management and joint coordination approach. The proposed approach recommends among others that the adoption of a Holistic Security Operation Centre (HSOC) in each CI and a National Coordination Centre (NCC), supervising them, which will facilitate the communication and cooperation between the different CI operators and stakeholders, in case of an incident, that may have cascading effects to interconnected Infrastructures. The findings presented and the conclusions drawn are linked with three EU funded research projects (SATIE, SecureGas and SAFECARE), that aim to improve physical and cyber security of CIs in a seamless and cost-effective way.
Keywords
Critical infrastructures – Security management – Crisis management – Physical – Cyber – Stakeholders – Communication – Coordination centre – SOC