Building a Cybersecurity Culture in the Industrial Control System Environment
Author(s): ARAUJO MACEDO, Claudia; MENTING, Jos
Author(s) keywords: awareness, cybersecurity culture, Industrial Control System, security measures framework, training
Reference keywords: cyberawareness, cybersecurity
Abstract:
Cybersecurity in industrial control system environments has become a significant concern and is even more relevant in the context of critical infrastructures where control system disruption could have a profound impact on health, safety and the environment. This makes this type of system a major target for malicious activities. Notwithstanding an organization’s interest in protecting its industrial control systems against cyber-attacks, the implementation of security measures, whether technical, organizational or human, still faces resistance and is often seen as a constraint. Using the best technology to protect industrial control systems makes no sense if persons with access do not act attentively and protectively. Technical and human cybersecurity measures are intrinsically linked, and it is essential that all persons with access to these systems are fully aware of the inherent cyber risks. Organizations must also act so that staff receive appropriate training on how to keep systems continuously protected against cyber-attack when carrying out their daily tasks. These educational processes can contribute to building an effective cybersecurity culture fully reflective of management and staff attitudes, so that the availability, integrity and confidentiality of information in industrial control systems can be assured.
References:
[1]. ENISA – Cybersecurity Culture in Organizations.
[2]. ENISA – Cybersecurity culture Guidelines: Behavior Aspects of Cybersecurity.
[3]. ENISA – Analysis of ICS-SCADA cybersecurity Maturity Level in critical sectors.
[4]. ISC² - Building a Strong Culture of Security.
[5]. MIT - CAMS Research Program: How can we create a strong cybersecurity culture in our organizations?
[6]. Allianz - Risk barometer 2018.
Article Title: Building a Cybersecurity Culture in the Industrial Control System Environment
Author(s): ARAUJO MACEDO, Claudia; MENTING, Jos
Date of Publication: 2019-06-28
Publication: International Journal of Information Security and Cybercrime
ISSN: 2285-9225 e-ISSN: 2286-0096
Digital Object Identifier: 10.19107/IJISC.2019.01.05
Issue: Volume 8, Issue 1, Year 2019
Section: Studies and Analysis of Cybercrime Phenomenon
Page Range: 39-44 (6 pages)
Copyright ©2012-2023
The International Journal of Information Security and Cybercrime (IJISC)
All rights reserved
The International Journal of Information Security and Cybercrime is a trademark of the Romanian Association for Information Security Assurance (RAISA).
No part of this publication may be reproduced, stored in a retrieval system, photocopied, recorded or archived, without the written permission from RAISA. When authors submit their papers for publication, they agree that the copyright for their article be transferred to the Romanian Association for Information Security Assurance, if the articles are accepted for publication. The copyright covers the exclusive rights to reproduce and distribute the article, including reprints and translations.