Proactive Security Protection of Critical Infrastructure

Transportation Systems and Engineering ◽

10.4018/978-1-4666-8473-7.ch019 ◽

2015 ◽

pp. 393-421

Author(s):

Bill Bailey ◽

Robert Doleman

Keyword(s):

Critical Infrastructure ◽

Social Consequences ◽

Management Tool ◽

Security Threat ◽

Intelligence Gathering ◽

Support Mechanisms ◽

Proactive Security ◽

Additional Support ◽

Systematic Security ◽

Threat Levels

The belief that a static alarm system will safeguard critical infrastructure without additional support mechanisms is misplaced. This complacency is no longer satisfactory with the increase in worldwide threat levels and the potential social consequences. What is required is a more proactive, comprehensive security management process that adds to the ability to prevent, detect, deter, respond, and defeat potential harmful events and incidents. The model proposed here is proactive and grounded upon current operational procedures used by major companies in hostile and dangerous environments. By utilising a clearly defined comprehensive risk management tool, a more systematic security, threat, risk, and vulnerability assessment (STRVA), process can be developed. This process needs to identify deliberate targeting of assets through multiple intelligence gathering capabilities, plus defeat testing to probe existing security defences. The consequence approach to a potential breakthrough is at the essence of this methodology.

Download Full-text

Protection of Critical Homeland Assets

Developing Next-Generation Countermeasures for Homeland Security Threat Prevention - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-5225-0703-1.ch002 ◽

2017 ◽

pp. 17-50

Author(s):

William J. Bailey

Keyword(s):

Critical Infrastructure ◽

Management Tool ◽

Security Threat ◽

Worst Case ◽

Intelligence Gathering ◽

Proactive Approach ◽

Wide Range ◽

Government Organisation ◽

Security Planning ◽

Systematic Security

The protection of critical infrastructure assets is vital to every government, organisation, business and person. If the asset forms part of the vital critical infrastructure, the loss could be catastrophic and far reaching with considerable knock-on effects. To avoid such negative outcomes requires a wide range of in-built resilient security structures, plans and operating procedures. A more adaptive, proactive, comprehensive security management process needs to be embraced to: prevent, detect, deter, respond and defeat potential damaging events and incidents. Core to security planning is a full understanding of the potential consequences of worst case scenarios. Adopting a process driven model is a proactive approach and grounded upon current operational procedures used by major international companies in hostile and dangerous environments. By utilizing a clearly defined comprehensive risk management tool, a more systematic Security, Threat, Risk and Vulnerability Assessment (STRVA), process can be developed. This process uses a multi-layered intelligence gathering capabilities.

Download Full-text

Protection of Critical Homeland Assets

Global Business Expansion ◽

10.4018/978-1-5225-5481-3.ch078 ◽

2018 ◽

pp. 1705-1738

Author(s):

William J. Bailey

Keyword(s):

Critical Infrastructure ◽

Management Tool ◽

Security Threat ◽

Worst Case ◽

Intelligence Gathering ◽

Proactive Approach ◽

Wide Range ◽

Government Organisation ◽

Security Planning ◽

Systematic Security

The protection of critical infrastructure assets is vital to every government, organisation, business and person. If the asset forms part of the vital critical infrastructure, the loss could be catastrophic and far reaching with considerable knock-on effects. To avoid such negative outcomes requires a wide range of in-built resilient security structures, plans and operating procedures. A more adaptive, proactive, comprehensive security management process needs to be embraced to: prevent, detect, deter, respond and defeat potential damaging events and incidents. Core to security planning is a full understanding of the potential consequences of worst case scenarios. Adopting a process driven model is a proactive approach and grounded upon current operational procedures used by major international companies in hostile and dangerous environments. By utilizing a clearly defined comprehensive risk management tool, a more systematic Security, Threat, Risk and Vulnerability Assessment (STRVA), process can be developed. This process uses a multi-layered intelligence gathering capabilities.

Download Full-text

Less Safe

Patriotic Information Systems ◽

10.4018/978-1-59904-594-8.ch002 ◽

2011 ◽

pp. 28-41

Author(s):

Harry Hammitt

Keyword(s):

Web Sites ◽

Critical Infrastructure ◽

Bush Administration ◽

Public Access ◽

Open Government ◽

Terrorist Attacks ◽

Government Agencies ◽

Sources Of Information ◽

Security Threat ◽

Perceived Security

Since the terrorist attacks of September 11, 2001, there has been a tightening of public access. In response to perceived security threats, government agencies have taken information down from Web sites, curtailed or restricted access to electronic sources of information, broadened the interpretation of FOIA exemptions, created or augmented new categories of restricted information, and prohibited public access for critical infrastructure information. These policy responses have been based both on the perceived security threat and an inhospitable attitude toward open government on the part of the Bush administration.

Download Full-text

A Design of the Network Security Evaluation System

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.686.458 ◽

2014 ◽

Vol 686 ◽

pp. 458-462

Author(s):

Zi Yan Shi ◽

Guo Lin Zhao ◽

Qiao Lin Hu

Keyword(s):

Network Security ◽

Evaluation System ◽

Evaluation Method ◽

Evaluation Model ◽

Normal Operation ◽

Management Tool ◽

Security Evaluation ◽

Security Risk ◽

Security Threat ◽

Management Tools

The security evaluation for an information network system is an important management tool to insure its normal operation. We must realize the significance of the comprehensive network security risks. A network evaluation model and the algorithm are presented and adapt the hierarchical method to characterize the security risk situation. The evaluation method is used to evaluate the key nodes and the mathematics is used to analyze the whole network security situation. Compared with others, the method can automatically create a rule-based security evaluation model to evaluate the security threat from the individual security elements and the combination of security elements, and then evaluation the network situation. It is shown that this system provides a valuable model and algorithms to help to find the security rules, adjust the security measure, improve the security performance and design the appropriate security risk evaluation and management tools.

Download Full-text

Neutrollization: Industrialized trolling as a pro-Kremlin strategy of desecuritization

Security Dialogue ◽

10.1177/0967010618785102 ◽

2018 ◽

Vol 49 (5) ◽

pp. 345-363 ◽

Cited By ~ 6

Author(s):

Xymena Kurowska ◽

Anatoly Reshetnikov

Keyword(s):

Foreign Policy ◽

Civil Society ◽

Speech Act ◽

Social Consequences ◽

Contextual Analysis ◽

Political Agenda ◽

The Internet ◽

Security Threat ◽

The Social ◽

Internet Activism

This article considers the significance of trolling for security processes through a contextual analysis of industrialized pro-Kremlin trolling in the Russian blogosphere. The publicity surrounding Russia’s hacking activities in international politics conceals the significance of the domestic trolling culture in Russia and its role in the ‘trolling turn’ in Russia’s foreign policy. We contextually identify the practice of ‘neutrollization’ – a type of localized desecuritization where the regime adopts trolling to prevent being cast as a societal security threat by civil society. Neutrollization relies on counterfeit internet activism, ostensibly originating from the citizenry, that produces political disengagement by breeding radical doubt in a manner that is non-securitizing. Rather than advocating a distinct political agenda, and in contrast to conventional understandings of the operations of propaganda, neutrollization precludes the very possibility of meaning, obviating the need to block the internet in an openly authoritarian manner. It operates by preventing perlocution – that is, the social consequences of the security speech act. This prevention is achieved through the breaking or disrupting of the context in which acts of securitization could possibly materialize, and is made possible by a condition of ‘politics without telos’ that is different from the varieties of depoliticization more familiar in Western societies.

Download Full-text

The Researcher as a National Security Threat

Comparative Studies of South Asia Africa and the Middle East ◽

10.1215/1089201x-7885400 ◽

2019 ◽

Vol 39 (3) ◽

pp. 451-461

Author(s):

Narges Bajoghli

Keyword(s):

United States ◽

National Security ◽

The United States ◽

Ethnographic Research ◽

Security Threat ◽

Intelligence Gathering

Abstract Based on ethnographic research in Iran among the country's Islamic Revolutionary Guards Corps (IRGC) and its Basij militia, this article explores the process of gaining access to these militarized groups in order to conduct long-term research. Specifically, what does it mean to build rapport and gain trust within a highly securitized space such as this? What happens when the researcher is a potential “national security” threat in both Iran and the United States? How is national security enacted in everyday interactions in the field? Given that anthropologists have tended to have an affinity with the group and community they work with, this article explores the implications of research among a group of men in charge of surveillance, intelligence gathering, and citizen suppression in the country. The article argues that in the midst of national security rhetoric, interrogative surveillance is a strategic tool that makes space for engagement.

Download Full-text

The World is Polluted With Leaked Cyber Data

National Security ◽

10.4018/978-1-5225-7912-0.ch024 ◽

2019 ◽

pp. 497-513

Author(s):

Ivan D. Burke ◽

Renier P. van Heerden

Keyword(s):

Senior Management ◽

Security Threat ◽

Data Breach ◽

Corporate Networks ◽

Data Breaches ◽

It Managers ◽

The World ◽

Corporate Network ◽

Threat Levels ◽

Scale Data

Data breaches are becoming more common and numerous every day, where huge amount of data (corporate and personal) are leaked more frequently than ever. Corporate responses to data breaches are insufficient, when commonly remediation is minimal. This research proposes that a similar approach to physical pollution (environmental pollution) can be used to map and identify data leaks as Cyber pollution. Thus, IT institutions should be made aware of their contribution to Cyber pollution in a more measurable method. This article defines the concept of cyber pollution as: security vulnerable (such as unmaintained or obsolete) devices that are visible through the Internet and corporate networks. This paper analyses the recent state of data breach disclosures Worldwide by providing statistics on significant scale data breach disclosures from 2014/01 to 2016/12. Ivan Burke and Renier van Heerden model security threat levels similar to that of pollution breaches within the physical environment. Insignificant security openings or vulnerabilities can lead to massive exploitation of entire systems. By modelling these breaches as pollution, the aim is to introduce the concept of cyber pollution. Cyber pollution is a more tangible concept for IT managers to relay to staff and senior management. Using anonymised corporate network traffic with Open Source penetration testing software, the model is validated.

Download Full-text

Security of Water Critical Infrastructure

Safety and Security Issues in Technical Infrastructures - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-3059-7.ch004 ◽

2020 ◽

pp. 88-116

Author(s):

David Birkett

Keyword(s):

Value Chain ◽

Critical Infrastructure ◽

Terrorist Attacks ◽

Water Services ◽

Water Value ◽

Threat Level ◽

Threat Levels

There is an identified and elevated threat level to water services by modern terrorists, in consideration of increasing levels of observed violence in recent terrorist attacks across Europe. This chapter raises significant aspects related to the security of the water critical infrastructure (water CI). Initially, dependencies and interdependencies of water CI, with other CIs, are highlighted as a potential incubating risk, which may well be hidden within the complexities of the modern water value chain of logistics and services. Threats to water CI including single points of failure are further described, followed by terrorist water attack planning methodologies and strategies. Finally, the water CI protection that may be considered to reduce any future threat levels from acts of terrorism is discussed.

Download Full-text

Spotting the lone actor: combating lone wolf terrorism through financial investigations

Journal of Financial Crime ◽

10.1108/jfc-08-2016-0052 ◽

2017 ◽

Vol 24 (4) ◽

pp. 637-642

Author(s):

Michael Tierney

Keyword(s):

Design Methodology ◽

Financial Crime ◽

Intelligence Analysis ◽

Security Threat ◽

New Approach ◽

Content Type ◽

Intelligence Gathering ◽

Lone Wolf ◽

Behavioural Characteristics ◽

Financial Intelligence

Purpose In 2014, Paul Gill et al. introduced a study of 119 lone-actor terrorism cases, and found that lone-actor extremists could be more accurately identified by their behavioural characteristics and activities, rather than their extremist ideologies. The study was said to have significant impact on intelligence analysis in the field of counterterrorism. The purpose of this paper is to apply Gill et al.’s findings to financial intelligence investigations, to assist investigators with the detection and prevention of lone-actor terrorist financing. Design/methodology/approach This article provides an overview of the key findings provided by Gill et al. It then discusses the indicators of lone-actor terrorism in the context of financial intelligence investigations, and sets out methods to improve financial intelligence investigations to better identify and stop lone-actor terrorism in the future. Findings By applying traditional financial intelligence techniques, which focus on assessing an individual’s activity and behaviour, with open-source intelligence gathering, financial intelligence investigators will be better equipped to identify lone-actor terrorism and its financing moving forward. Originality/value This article will be of value to investigators specializing in terrorism and financial crime, as it will assist them in the identification of a proliferating security threat, the lone-actor terrorist. While the article relies on the findings provided by Gill et al., it takes a new approach by applying those findings specifically to the financial intelligence sector, to improve investigations related to terrorism.

Download Full-text