Does the NIS implementation strategy effectively address cyber security risks in the UK?

This paper introduces readers to core concepts around cyber wargaming. Wargames can be powerful learning tools, but few wargames exist to teach players about cyber security. By way of highlighting possibilities in this space, the author has developed an original educational tabletop wargame based on the UK National Cyber Security Strategy and deployed the game to a variety of organisations to determine its pedagogic efficacy. Overall, it is found that the game was effective in generating high-engagement participation and clear learning opportunities. Furthermore, there are design lessons to be learned from existing games for those seeking to use wargames for cyber security training and education.

Download Full-text

A Study on Quantitative methodology to Assess Cyber Security Risks of EMS

Journal of Energy Engineering ◽

10.5855/energy.2015.24.1.123 ◽

2015 ◽

Vol 24 (1) ◽

pp. 123-131

Author(s):

Pil Sung Woo ◽

Balho H. Kim

Keyword(s):

Cyber Security ◽

Quantitative Methodology ◽

Security Risks

Download Full-text

Can the UK cyber-security industry lead the world?

Computer Fraud & Security ◽

10.1016/s1361-3723(15)30006-3 ◽

2015 ◽

Vol 2015 (2) ◽

pp. 5-7

Author(s):

Andrew Tyrer

Keyword(s):

Cyber Security ◽

Security Industry ◽

The World ◽

The Uk

Download Full-text

Improving the Security of Storage Systems

Cyber Law, Privacy, and Security ◽

10.4018/978-1-5225-8897-9.ch038 ◽

2019 ◽

pp. 796-829

Author(s):

Wasan Awad ◽

Hanin Mohammed Abdullah

Keyword(s):

Cyber Security ◽

Storage Systems ◽

Assessment Model ◽

Security Threats ◽

Risk Matrix ◽

Security Risks ◽

Security Systems ◽

Security Vulnerabilities ◽

File Storage ◽

Local Storage

Developing security systems to protect the storage systems are needed. The main objective of this paper is to study the security of file storage server of an organization. Different kinds of security threats and a number of security techniques used to protect information will be examined. Thus, in this paper, an assessment plan for evaluating cyber security of local storage systems in organizations is proposed. The assessment model is based on the idea of cyber security domains and risk matrix. The proposed assessment model has been implemented on two prestigious and important organizations in the Kingdom of Bahrain. Storage systems of the assessed organizations found to have cyber security risks of different scales. This conclusion gives certainty to the fact that organizations are not capable of following the cyber security evolution and secure their storage systems from cyber security vulnerabilities and breaches. Organizations with local storage systems can improve the cyber security of their storage systems by applying certain techniques.

Download Full-text

Security Awareness in the Internet of Everything

Harnessing the Internet of Everything (IoE) for Accelerated Innovation Opportunities - Advances in Computer and Electrical Engineering ◽

10.4018/978-1-5225-7332-6.ch012 ◽

2019 ◽

pp. 272-301 ◽

Cited By ~ 1

Author(s):

Viacheslav Izosimov ◽

Martin Törngren

Keyword(s):

Cyber Security ◽

Physical System ◽

System Of Systems ◽

The Internet ◽

Security Awareness ◽

Security Risks ◽

Interconnected System ◽

Security Education ◽

Practical Evaluation ◽

Explicit Consideration

Our societal infrastructure is transforming into a connected cyber-physical system of systems, providing numerous opportunities and new capabilities, yet also posing new and reinforced risks that require explicit consideration. This chapter addresses risks specifically related to cyber-security. One contributing factor, often neglected, is the level of security education of the users. Another factor, often overlooked, concerns security-awareness of the engineers developing cyber-physical systems. Authors present results of interviews with developers and surveys showing that increase in security-awareness and understanding of security risks, evaluated as low, are the first steps to mitigate the risks. Authors also conducted practical evaluation investigating system connectivity and vulnerabilities in complex multi-step attack scenarios. This chapter advocates that security awareness of users and developers is the foundation to deployment of interconnected system of systems, and provides recommendations for steps forward highlighting the roles of people, organizations and authorities.

Download Full-text

Cyber Security Assessment of NPP I&C Systems

Cyber Security and Safety of Nuclear Power Plant Instrumentation and Control Systems - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-3277-5.ch009 ◽

2020 ◽

pp. 221-238

Author(s):

Oleksandr Klevtsov ◽

Artem Symonov ◽

Serhii Trubchaninov

Keyword(s):

Control Systems ◽

Cyber Security ◽

Nuclear Power ◽

Power Plants ◽

Cyber Attacks ◽

Security Assessment ◽

Nuclear Facilities ◽

Security Risks ◽

Cyber Threats ◽

And Control

The chapter is devoted to the issues of cyber security assessment of instrumentation and control systems (I&C systems) of nuclear power plants (NPP). The authors examined the main types of potential cyber threats at the stages of development and operation of NPP I&C systems. Examples of real incidents at various nuclear facilities caused by intentional cyber-attacks or unintentional computer errors during the maintenance of the software of NPP I&C systems are given. The approaches to vulnerabilities assessment of NPP I&C systems are described. The scope and content of the assessment and periodic reassessment of cyber security of NPP I&C systems are considered. An approach of assessment to cyber security risks is described.

Download Full-text