You are previewing Critical Information Infrastructure Protection and Resilience in the ICT Sector.
O'Reilly logo
Critical Information Infrastructure Protection and Resilience in the ICT Sector

Book Description

With the progression of technological breakthroughs creating dependencies on telecommunications, the internet, and social networks connecting our society, CIIP (Critical Information Infrastructure Protection) has gained significant focus in order to avoid cyber attacks, cyber hazards, and a general breakdown of services. Critical Information Infrastructure Protection and Resilience in the ICT Sector brings together a variety of empirical research on the resilience in the ICT sector and critical information infrastructure protection in the context of uncertainty and lack of data about potential threats and hazards. This book presents a variety of perspectives on computer science, economy, risk analysis, and social sciences; beneficial to academia, governments, and other organisations engaged or interested in CIIP, Resilience and Emergency Preparedness in the ICT sector.

Table of Contents

  1. Cover
  2. Title Page
  3. Copyright Page
  4. Editorial Advisory Board and List of Reviewers
    1. List of Reviewers
  5. Preface
  6. Acknowledgment
  7. Section 1: Set the Scene
    1. Chapter 1: ICT Resilience as Dynamic Process and Cumulative Aptitude
      1. ABSTRACT
      2. INTRODUCTION
      3. DEFINITIONS OF RESILIENCE IN LITERATURE
      4. LEARNING FROM REAL LIFE INCIDENTS: KATRINA’S IMPACTS ON PUBLIC TELECOMMUNICATIONS
      5. 9/11’S IMPACTS ON PUBLIC TELECOMMUNICATIONS
      6. CYBER ATTACKS AND THE NEED FOR NETWORK RESILIENCE
      7. MANN GULCH: THE DYNAMICS OF RESILIENCE IN A HUMAN CONTEXT
      8. RESILIENCE IS REQUIRED AS HYBRID TELECOM SYSTEMS ARE COMPLEX
      9. THE CALL FOR A DEFINITION OF THE NOTION OF INCIDENT
      10. A GENERIC DEFINITION OF RESILIENCE
      11. RESILIENCE IS THE APTITUDE TO RESIST DESTRUCTION
      12. RESILIENCE IS THE APTITUDE TO MAINTAIN AND RESTORE GoS AND QoS
      13. THE REACTIVE CAPABILITIES REQUIRED TO SURVIVE CRISES ARE BOTH TECHNICAL AND NON-TECHNICAL
      14. RESILIENCE ENGINEERING IS AN INTEGRATED PROCESS
      15. RESILIENCE DOES NOT STEM FROM IMPROVISATION
      16. FUTURE RESEARCH DIRECTIONS
      17. CONCLUSION
    2. Chapter 2: Resilience Principles for the ICT Sector
      1. ABSTRACT
      2. INTRODUCTION
      3. ABSTRACT PRINCIPLES VS. CONCRETE SOLUTIONS
      4. SUMMARY
    3. Chapter 3: Large Scale Physical Disruptions in the Electronic Communication Sector
      1. ABSTRACT
      2. INTRODUCTION
      3. BACKGROUND
      4. TYPES OF DISRUPTION
      5. UNDERSTANDING DISRUPTIONS
      6. UNDERSTANDING RISK
      7. SUMMARY
      8. CONCLUSION AND RECOMMENDATIONS
    4. Chapter 4: Lessons from Major Incidents Influencing and Influenced by Telecoms Failures
      1. ABSTRACT
      2. INTRODUCTION
      3. BACKGROUND
      4. THE IMPACT OF BLACKOUTS ON TELECOM INFRASTRUCTURES
      5. THE IMPACT OF NATURAL DISASTERS ON TELECOM INFRASTRUCTURES
      6. THE IMPACT OF TERRORIST ATTACKS ON TELECOM INFRASTRUCTURES
      7. THE IMPACT OF ICT INFRASTRUCTURE PROBLEMS
      8. CYBER-ATTACKS ON ICT INFRASTRUCTURES
      9. FUTURE RESEARCH DIRECTIONS
      10. CONCLUSION
    5. Chapter 5: Threats to the Critical Information Infrastructure Protection (CIIP) Posed by Modern Terrorism
      1. ABSTRACT
      2. INTRODUCTION
      3. 1. PROCESS OF GLOBALIZATION AND THE SECURITY ENVIRONMENT AFTER THE COLD WAR
      4. 2. AL QAEDA AND ITS ASSOCIATED MOVEMENTS: A SERIOUS THREAT TO CRITICAL INFORMATION INFRASTRUCTURE PROTECTION (CIIP)
      5. 3. AL QAEDA AND ITS ASSOCIATED MOVEMENTS’ ABILITY TO EMPLOY CHALLENGES TO EFFECTIVE CRITICAL INFORMATION INFRASTRUCTURE PROTECTION
      6. 4. WHAT NEEDS TO BE DONE TO IMPROVE CRITICAL INFRASTRUCTURE INFORMATION PROTECTION AND RESILIENCE FROM AQAM?
      7. CONCLUSION
  8. Section 2: Methods and Practices
    1. Chapter 6: Modelling Economic Consequences of ICT Infrastructure Failure in Support of Critical Infrastructure Protection Policies
      1. ABSTRACT
      2. 1 INTRODUCTION
      3. 2 THE ESTONIAN 2007 CYBER ATTACKS: ECONOMIC IMPACT OVERVIEW
      4. 3 THE INOPERABILITY INPUT-OUTPUT MODEL (IIM)
      5. 4 IIM APPLICATION: A 11 CI CASE STUDY FOR ICT FAILURE
      6. 5 DISCUSSION OF RESULTS
      7. APPENDIX 1
      8. APPENDIX 2
    2. Chapter 7: The Complexity Science Approach vs. the Simulative Approach
      1. ABSTRACT
      2. INTRODUCTION
      3. BACKGROUND
      4. MAJOR ISSUES AND PROBLEMS
      5. FUTURE RESEARCH DIRECTIONS
      6. CONCLUSION
    3. Chapter 8: Risk Assessment of Multi-Order Dependencies between Critical Information and Communication Infrastructures
      1. ABSTRACT
      2. INTRODUCTION
      3. ASSESSING RISK AND DEPENDENCIES
      4. RISK ASSESSMENT METHODOLOGY FOR CI DEPENDENCIES
      5. CONCLUSION AND FUTURE WORK
    4. Chapter 9: Using Hybrid Attack Graphs to Model and Analyze Attacks against the Critical Information Infrastructure
      1. ABSTRACT
      2. INTRODUCTION
      3. BACKGROUND
      4. MODELING CYBER-PHYSICAL SYSTEMS IN THE SMART GRID
      5. FUTURE RESEARCH DIRECTIONS
      6. CONCLUSION
    5. Chapter 10: Cyber Risks in Energy Grid ICT Infrastructures
      1. ABSTRACT
      2. INTRODUCTION
      3. BACKGROUND
      4. EVALUATION OF CYBER RISKS
      5. SCOPE OF THE EXPERIMENTAL ACTIVITY
      6. EXPERIMENTAL RESULTS
      7. RECOMMENDATIONS
      8. CONCLUSION AND FUTURE RESEARCH DIRECTIONS
    6. Chapter 11: Model-Based Evaluation of the Impact of Attacks to the Telecommunication Service of the Electrical Grid
      1. ABSTRACT
      2. INTRODUCTION
      3. BACKGROUND
      4. THE MODELING FRAMEWORK
      5. CASE STUDY AND RESULTS DISCUSSION
      6. FUTURE RESEARCH DIRECTIONS AND CONCLUSION
    7. Chapter 12: Evaluating Security and Resilience of Critical Networked Infrastructures after Stuxnet
      1. ABSTRACT
      2. 1 INTRODUCTION
      3. 2 RELATED WORK
      4. 3 SCADA SYSTEM VULNERABILITIES
      5. 4 SIMULATION ENVIRONMENT
      6. 5 MALSIM
      7. 6 MALSIM AFTER STUXNET
      8. 7 ATTACK SCENARIOS
      9. 8 CONCLUSION
  9. Section 3: Looking to the Future
    1. Chapter 13: The Issue of Trust and Information Sharing and the Question of Public Private Partnerships
      1. ABSTRACT
      2. INTRODUCTION
      3. BACKGROUND
      4. TRUST
      5. INFORMATION SHARING
      6. TYPES OF PPP
      7. THE NEED FOR PUBLIC-PRIVATE PARTNERSHIPS: AN EXAMPLE
      8. ARE PPPs EFFECTIVE, AND HOW CAN THE SUCCESS OF PPPs BE MEASURED?
      9. WHO SHOULD BE INVOLVED IN A PPP, AND HOW SHOULD A PPP BE GOVERNED?
      10. WHAT ARE THE MAIN REQUIREMENTS OF A TRUSTED INFORMATION-SHARING CIRCLE?
      11. HOW MAY TRUST BE ESTABLISHED?
      12. WHAT INCENTIVES CAN BE PROVIDED TO THE PRIVATE SECTOR TO ENCOURAGE THEM TO JOIN A PPP?
      13. SHOULD FUNDING FOR PPPS COME FROM THE PUBLIC OR PRIVATE SECTORS OR BOTH?
      14. TRUST, PPPs, AND THE CLOUD WORKING ENVIRONMENT
      15. CONCLUSION AND RECOMMENDATIONS
    2. Chapter 14: The Telecoms Inclusion Principle
      1. ABSTRACT
      2. INTRODUCTION
      3. BACKGROUND
      4. N-1 AND THE LIMITATIONS OF CONTINGENCY PLANNING
      5. THE TELECOMS INCLUSION PRINCIPLE
      6. FAILURE MODES WITHIN THE TELECOMS INCLUSION PRINCIPLE
      7. INCLUDING TELECOMS IN NATIONAL INFRASTRUCTURE SIMULATIONS
      8. INCLUDING TELECOMS IN LOCAL INFRASTRUCTURE SIMULATIONS
      9. FUTURE RESEARCH DIRECTIONS
      10. CONCLUSION
    3. Chapter 15: Next Generation Information-Based Infrastructures
      1. ABSTRACT
      2. INTRODUCTION
      3. BACKGROUND
      4. NEXT GENERATION (ICT-BASED) INFRASTRUCTURES
      5. RECOMMENDATIONS
      6. CONCLUSION
  10. Compilation of References
  11. About the Contributors