No full-text available
To read the full-text of this research,
you can request a copy directly from the authors.
Cybersecurity in the Era of Digital Transformation: The case of Greece
Abstract
This article presents the cyber security progress in Greece since the creation of the Greek National Cyber Security Authority as a nationwide cybersecurity coordination and policy making unit. During this period, Greece issued a Ministerial Decree that established the National Cyber Security Authority, issued the National Cybersecurity strategy, transposed the NIS Directive to National Law and issued a Ministerial Decree that helped establish a cybersecurity framework for the public sector and the critical infrastructures that reside in Greece. This structured effort led to the achievement of gaining the 1 st position in the prestigious NCSI index for Greece, amongst 160 countries.
... The NCSI has been utilized extensively across recent academic debates (Andrade et al. 2021;Calderaro and Craig 2020;Maglaras et al. 2020). Jazri and Jat (2017, 1) mention the NCSI in their road toward "proposing a simplified and quick framework of measuring cyber security risks profile for critical organizations." ...
National cybersecurity includes so many topics and considerations that a global overview of trends is a quite complex endeavor. Previous studies either focus on individual countries or multiple ones while considering only a specific subtopic or point of interest of national cyber security. The purpose of this article is to present the regional cybersecurity trends of 161 nations, as of late January 2023, through the use of the National Cyber Security Index (NCSI). With the help of the NCSI, its methodology and publicly available database, we will provide both global and regional snapshots of what countries have been focusing on and doing in reference to their national cybersecurity. This will allow the discovery of similarities, best practices, and more importantly, underdeveloped topics that should be improved upon to guarantee a more robust approach to national cybersecurity. Globally, the national approaches seem to be reactionary, with very little focus on proactive measures, but regionally some differences start to appear. Future research will be able to build upon this research by either individual case studies or comparative studies among multiple countries.
... Drivas et al. (2020) confirmed a substantial rise in reported incidents over the last ten years, prompting the local authorities such as the NCSA, to implement all necessary measures to combat cybercrime in Greece. Maglaras et al. (2020) concluded that the rapid pace of digital transformation has left legal authorities struggling to keep pace with technological advancements and, consequently, the rise in cyber risk events. In addition, Vagena & Ntelis (2019) urge the European Union to take immediate actions; EU cybersecurity legislative framework has gaps that need to be filled. ...
In the rapidly evolving domain of cybercrime, understanding the intricate dynamics between industry-specific characteristics and cyber risk ramifications is critical for developing robust risk management strategies. This study delves into the bivariate relationships between annual cyber-attack rates and various industry attributes. Utilizing time-series data as well as both Pearson and Kendall correlation analyses, we assess the linear and ordinal associations across a comprehensive dataset encompassing multiple industries. Our findings reveal that the telecommunications and digital infrastructure industries display a significant inverse relationship between cyber incident rates and systemic risk, an unexpected observation indicating that improved awareness or control of systemic risk may lead to reduced incident rates. On the other hand, the banking sector's direct correlation suggests that as systemic risk rises, so do incident rates, likely because of the sector's attractive high-value data targets. The outcomes of this bivariate exploration complement our previous empirical analysis presented in the article The Financial Impact of Cyber Risk: Empirical Evidence from Greece and the European Economic Area, conducted by the same author, offering a granular view of the cyber risk landscape. This paper aims to inform stakeholders on the pivotal interactions between industrial dynamics and cybersecurity outcomes, fostering informed strategies to mitigate risk and safeguard economic interests.
... Щоб досягти цього, CEIDS керуватиметься такими ключовими принципами: бачення розвитку науки та технологій, які забезпечуватимуть адекватне постачання високоякісної надійної електроенергії для задоволення енергетичних потреб інформаційного суспільства. [28]; L. Anantharaman, M. R. Sridharan [29]; E. Øvrelid, B. Bygstad [30]; F. Imamura et al. [31]; L. Maglaras et al. [32][33]; A. Fekete, J. Rhyner [34]; J. Oliveira et al. [35] та ін., у яких сфокусовано увагу на дослідженні зв'язку між цифровою трансформацією та ризиком лиха (кризової ситуації) або адаптацією до зміни клімату; стратегії корпоративної безпеки у нафтогазовій промиловості; концепціях, методах і стратегіях інтеграції кіберсвіту з фізичним і людським світом. ...
На даний час проблеми цифрової трансформації економік більшості країн Європи у контексті реалізації цифрової стратегії ЄС набувають особливої актуальності. Згідно з дослідженням аналітиків International Data Corporation, загальні глобальні витрати на цифрові технології щорічно зростають на 16,8% і становили у 2019 р. 2,1 трлн дол. Дослідження Huawei та Oxford Economics показали, що інтелектуальна мережева взаємодія може спричинити зростання цифрової економіки, яка до 2025 року досягне 23 трлн дол. Це збільшення становитиме 78,3 % порівняно з 2017 роком (12,9 трлн дол.). До 2025 року частку цифрової економіки планується збільшити на 7,2 відсоткових пункти, або з 17,1 до 24,3% світового ВВП. За розрахунками експертів The Boston Consulting Group, обсяг цифрової економіки до 2035 року становитиме 16 трлн дол. При цьому на розвиток критичної інфраструктури як важливого елементу національної економіки мають суттєвий вплив цифрові технології та інформаційні системи. Правильно підібрані цифрові технології в поєднанні з компетенціями співробітників, процесами та операціями дозволять критично важливим об’єктам інфраструктури швидко адаптуватися до кризових ситуацій, використовувати перспективні можливості для модернізації робочих процесів, задовольняти нові та постійно змінювані потреби клієнтів, стимулювати зростання та впроваджувати інноваційні та управлінські рішення. З огляду на це, метою статті є визначення контекстуальних і часових закономірностей розвитку представлення в науковій літературі досліджень у сфері цифрової трансформації критичної інфраструктури із використанням бібліометричного та трендового аналізу. Відзначено певну дивергентність трендів наукового та користувацького інтересу до питань формування цифрових стратегій розвитку критично важливих об’єктів інфраструктури. Формалізація контекстуальних особливостей поняття «цифрова стратегія розвитку критичної інфраструктури», виокремлених за результатами бібліометричного аналізу, дозволила визначити, що все популярнішим стає аналіз впливу процесів цифровізації на розвиток критичної інфраструктури, протистояння кіберзагрозам, вибору стратегії її трансформації в умовах Індустрії 4.0 і 5.0. Виявлено шість кластерів наукових досліджень, присвячених питанням розроблення цифрової стратегії розвитку критичної інфраструктури. Перший сфокусований на формуванні системи кіберстійкості та кібербезпеки; другий – на розробленні концепції smart city або «розумного» міста; третій – на організації системи державної політики та вищої освіти; четвертий – на визначенні структурних змін у сфері охорони здоров’я та освіті; п’ятий – на обґрунтуванні стратегії розвитку агропромислового комплексу та сектору охорони довкілля за рахунок скорочення викидів парникових газів; шостий – на визначенні часових закономірностей процесів цифровізації для ефективного розвитку критичної інфраструктури. Набули подальшого розвитку теоретичні засади ідентифікації трендів наукових досліджень з обґрунтування цифрових стратегій розвитку критичної інфраструктури, що, на відміну від існуючих, базуються на результатах структуризації наявного дослідницького доробку (з використанням інструментарію VOSviewer v. 1.6.19 та GoogleTrends) за двома критеріями: рівень тісноти наукових досліджень та еволюційно-часовий вимір, що дозволило кластеризувати напрями міждисциплінарних досліджень.
... Social crimes like kidnapping, raping, child abuse, harassing girls, cyberbullying on social media platforms, trafficking of children, etc. happen frequently in different cities of Bangladesh. By implementing the smart city concept in developing nations like Bangladesh, it is possible to stop criminal behavior by utilizing a variety of technology, which will benefit the nation and make people's lives easier [1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16]. Fig. 1 represents the overview of different crimes which occur in cities with possible applications of crimes in smart cities. ...
The development of smart cities enhances the quality of life for many people by promoting digital interconnection, which encourages dependability and accessibility in cities. Cities have multiple security issues to deal with, as well as kidnapping, rape, child abuse, and violence, completely of which stand on the rise globally. This kind of crime constantly disturbs the victim not only physically and mentally but also forces them to attempt suicide, which can ruin the happiness of many families in a city. Conventional methods are insufficient to safeguard a city from crime and provide a secure way of life for everyone, which is depraved for society and their day-to-day activities. However, this paper, first analyzes the different types of criminal activities in Bangladesh, such as kidnapping, rape, murder, and child abuse, and here offer various technological solutions, to protect cities against the worst crimes, using technologies like cybersecurity and the Internet of Things (IoT) based technologies. With the help of various technological solutions, a city becomes safer while also achieving Sustainable Development Goals (SDG's) number 11, which promotes sustainable cities and communities. This paper clarifies how to reduce criminal activities by making use of a range of technologies, which benefit the country and improve people's quality of life.
... Crahay et al. [23] explore the Berlin Declaration signed by the 27 EU member countries in December 2020 to highlight the importance of digital public services, as digitalization plays a key role in shaping the EU digital decade. Maglaras et al. [24] examine the progress of Greek national cybersecurity strategy and highlight the positive impact of the strategic guidelines on shaping the online security. ...
Cybersecurity attacks have increased in recent years, both on the EU and global levels, in terms of their number and impact. The public administration sector is particularly at risk, as this is where most cybersecurity attacks take place. It is therefore important to develop comprehensive information security strategies on both the organizational and national level. Strategies help to set up a relatively long-term focus and priorities. The aim of our study is to understand how the EU member countries deal with such challenges. To achieve this, we analyze three indices: the level of penetration (PL), level of digitalization (DL), and global cybersecurity index (GCI). We examine individual national strategies to provide a basis for a comparative analysis which can serve as a reference for improving the long-term cybersecurity in the public administration.
... Governments have an extensive role in developing and implementing national-level policy. For instance, establishing a national cybersecurity strategy has helped Greece pursue digital transformation [90]. It should also be considered that while aiming for digital transformation, human factors should also be considered. ...
This systematic literature review explores the digital transformation (DT) and cybersecurity implications for achieving business resilience. DT involves transitioning organizational processes to IT solutions, which can result in significant changes across various aspects of an organization. However, emerging technologies such as artificial intelligence, big data and analytics, blockchain, and cloud computing drive digital transformation worldwide while increasing cybersecurity risks for businesses undergoing this process. This literature survey article highlights the importance of comprehensive knowledge of cybersecurity threats during DT implementation to prevent interruptions due to malicious activities or unauthorized access by attackers aiming at sensitive information alteration, destruction, or extortion from users. Cybersecurity is essential to DT as it protects digital assets from cyber threats. We conducted a systematic literature review using the PRISMA methodology in this research. Our literature review found that DT has increased efficiency and productivity but poses new challenges related to cybersecurity risks, such as data breaches and cyber-attacks. We conclude by discussing future vulnerabilities associated with DT implementation and provide recommendations on how organizations can mitigate these risks through effective cybersecurity measures. The paper recommends a staged cybersecurity readiness framework for business organizations to be prepared to pursue digital transformation.
... Table I shows these areas and the relevant papers. [20], [21] Analysis of factors hindering the development of cybersecurity strategies in the public sector [22] Analysis of cyber attacks and preventive measures [23], [24], [25], [26] Development an establishment of ISMS [27] Awareness measures [28], [29], [30], [31], [32], [33] Lack of skilled workers in public sector and effects [34], [35] Physical Security and Security Assessment [36], [37], [38], [39], [40] Legal framework parameters in cybersecurity domain [41], [42] Maturity models [43], [44] Most papers deal with the safeguarding of the technical components or tackle the analysis of cyber-attacks and pos-sible preventive measures. It is striking that a large number of papers put the staff in the focus and examine how their awareness for cybersecurity can be increased. ...
... This work was based on the literature review of scientific bases. It would be interesting to extend it with a study of different organizations and their perspective on the inclusion or management of cognitive techniques applied to cybersecurity, including understanding how these techniques can provide security in the requirements analysis, and by performing security configurations in the context of DevOps [109] and Digital transformation [110], in addition to how cognitive techniques tie in with Open-source tools, which are widely used to maintain network security, endpoint security, and system security [111]. Although our literature review does not show them explicitly, these are very relevant topics in cybersecurity today. ...
Cognitive security is the interception between cognitive science and artificial intelligence techniques used to protect institutions against cyberattacks. However, this field has not been addressed deeply in research. This study aims to define a Cognitive Cybersecurity Model by exploring fundamental concepts for applying cognitive sciences in cybersecurity. For achieving this, we developed exploratory research based on two steps: (1) a text mining process to identify main interest areas of research in the cybersecurity field and (2) a valuable review of the papers chosen in a systematic literature review that was carried out using PRISMA methodology. The model we propose tries to fill the gap in automatizing cognitive science without taking into account the users’ learning processes. Its definition is supported by the main findings of the literature review, as it leads to more in-depth future studies in this area.
... The World Economic Forum (WEF) threat risk report highlighted that every cyberattack caused by malware leaves indelible impacts, even after the malware has been detected and removed [17]. This paper has the following aims: (1) To advance understanding of the mobile malware history and its position in the cyber threat landscape, examining the major security threats to mobile devices; (2) To provide a discussion on the evolution of Android malware to identify security transformation and propagation modes adopted at each evolutionary stage; (3) To examine different evasion techniques adopted and their security implications; and (4) To critically examine android malware infection strategies and raise recommendations and awareness of malware impacts and how to curb the attacks and infection rates. Our research made the following contributions: ...
The open-source and popularity of Android attracts hackers and has multiplied security concerns targeting devices. As such, malware attacks on Android are one of the security challenges facing society. This paper presents an analysis of mobile malware evolution between 2000-2020. The paper presents mobile malware types and in-depth infection strategies malware deploys to infect mobile devices. Accordingly, factors that restricted the fast spread of early malware and those that enhance the fast propagation of recent malware are identified. Moreover, the paper discusses and classifies mobile malware based on privilege escalation and attack goals. Based on the reviewed survey papers, our research presents recommendations in the form of measures to cope with emerging security threats posed by malware and thus decrease threats and malware infection rates. Finally, we identify the need for a critical analysis of mobile malware frameworks to identify their weaknesses and strengths to develop a more robust, accurate, and scalable tool from an Android detection standpoint. The survey results facilitate the understanding of mobile malware evolution and the infection trend. They also help mobile malware analysts to understand the current evasion techniques mobile malware deploys
This article presents the results of a systematic review of the methods to implement cybersecurity maturity. Based on them, it proposes a framework for excellence in aeronautical cybersecurity that integrates the objectives of aeronautical cybersecurity with capabilities and requirements, which contributes to increasing the maturity of aeronautical cybersecurity. It exposes 13 objectives with 120 capabilities and 5 functional maturity levels to gradually meet up to 600 aeronautical cybersecurity requirements. Which were taken from articles with good practices associated with publications of the last 5 years and the criteria resulting from the collaboration of managers and the validation of experts in the industry, which allowed it to be enriched with good practices associated with the management of cybersecurity and the resilience of these infrastructures.
Cyberattacks, particularly those targeting systems that store or handle sensitive data, have become more sophisticated in recent years. To face increasing threats, continuous capacity building and digital skill competence are needed. Cybersecurity hands-on training is essential to upskill cybersecurity professionals. However, the cost of developing and maintaining a cyber range platform is high. Setting up an ideal digital environment for cybersecurity exercises can be challenging and often need to invest a lot of time and system resources in this process. In this article, we present a lightweight cyber range platform that was developed under the open-source cloud platform OpenStack, based on Docker technology using IaC methodology. Combining the advantages of Docker technology, DevOps automation capabilities, and the cloud platform, the proposed cyber range platform achieves the maximization of performance and scalability while reducing costs and resources.
The links between cybersecurity and civil protection in the last decades became strong due to the rapid increase in the use of Informatics Technologies (IT) worldwide and the need to increase citizens’ protection from various disasters and uncertainties. The objective of the present study is to explore the role of cyber security in enhancing civil protection in Greek reality. Methodologically, the study has been based on a survey with a sample of 345 executives of IT companies in Greece by using a structured questionnaire. The basic results of the research study showed that cyber security technologies positively affect civil protection, cybercrime reduction practices have a positive influence on civil protection, and there is a significant relationship between the government’s role in cyber security and civil protection. Cybersecurity also may have a significant influence on the principles of emergency operations: prevention, mitigation, preparation, response, or emergency evacuation and recovery. The main conclusion from the study is that it is very important for public and private agencies in Greece, as well as in the rest of Europe, to embrace new emerging cybersecurity technologies to help enhance cyber security and civil protection. Potential vulnerabilities in cybersecurity pose substantial risks to the effectiveness and efficiency of such critical infrastructure and directly impact the functioning of states, economies, and societies.
Modern administrative action is no longer conceivable without electronic communication and IT. The complexity of IT, the increasing degree of networking and the dependence of the administration on IT-supported procedures has led to the fact that security of IT and associated processes must be given high priority and a corresponding cybersecurity strategy must be substantiated. Existing approaches either fall short or cannot be applied to the context of local government without adaptation. This article aims at contrasting the published state-of-the-art in information security management and the state-of-practice in governmental organizations. Empirical basis for our work are (1) audit reports of certification audits in the municipal sector, (2) expert interviews on the status quo of information security in German local government and (3) a review of scientific literature. Results of the paper include current challenges in increasing the resilience of the municipal administration and open issues for future research.KeywordsInformation securityCyber securityMunicipal administration
Digital business transformation has security implications. These arise from organisational, business processes and technology changes that produce both risk and opportunity. Transformation requires business systems planning to take account of these altered security profiles and system architects should consider the cyber risks of such changes in advance of implementation. Analysis of the academic literature relating to Digital Transformation was undertaken and mapped to the Cybersecurity Body of Knowledge (CyBOK) using keywords from the selected papers. The published content of two curricular frameworks relating to Enterprise Architecture (TOGAF and SABSA) were also mapped to the CyBOK. This produced a keyword mapping of the cybersecurity risk analysed at framework and Job Role levels. The results reveal several key areas where architects can improve cybersecurity guidance and assurance. It was found that architects most greatly influence the area of Risk Management and Governance, but their influence contributes across many of the CyBOK knowledge areas to improve cybersecurity systems engineering. This work identified the need for further training of architects to include management security knowledge and new technology areas, and that architecture practice should support the development of security by assigning cybersecurity responsibility areas to different roles, enabling all architects to make an integrated contribution to security.
(1) (PDF) Enhancing Security Architecture Framework Practice using the CyBOK Knowledge Areas for Practitioners. Available from: https://www.researchgate.net/publication/357657725_Enhancing_Security_Architecture_Framework_Practice_using_the_CyBOK_Knowledge_Areas_for_Practitioners [accessed Jan 31 2023].
Privacy and information security have consistently been a priority for the European Union lawmaker. This paper investigates the security requirements of the General Data Protection Regulation (GDPR) and the Directive on security of network and information systems (NISD). This investigation incorporates what is unique about the NISD; how it overlaps with existing frameworks; and how security requirements in the GDPR influence the NISD. This mapping of requirements can help businesses and organizations to distinguish possible difficulties that may experience while conforming to GDPR and NISD, and help them create a consistent cybersecurity framework and structure new security plans.
As organisations are vulnerable to cyberattacks, their protection becomes a significant issue. Capability Maturity Models can enable organisations to benchmark current maturity levels against best practices. Although many maturity models have been already proposed in the literature, a need for models that integrate several regulations exists. This article presents a light, web-based model that can be used as a cybersecurity assessment tool for Higher Education Institutes (HEIs) of the United Kingdom. The novel Holistic Cybersecurity Maturity Assessment Framework incorporates all security regulations, privacy regulations, and best practices that HEIs must be compliant to, and can be used as a self assessment or a cybersecurity audit tool.
The objective of the research was to establish data relating to underlying causes of human error which are the most common cause of information security incidents within a private sector healthcare organisation. A survey questionnaire was designed to proactively apply the IS-CHEC information security human reliability analysis (HRA) technique. The IS-CHEC technique questionnaire identified the most likely core human error causes that could result in incidents, their likelihood, the most likely tasks that could be affected, suggested remedial and preventative measures, systems or processes that would be likely to be affected by human error and established the levels of risk exposure. The survey was operational from 15th November 2018 to 15th December 2018. It achieved a response rate of 65% which equated to 485 of 749 people targeted by the research. The research found that, in the case of this particular participating organisation, the application of the IS-CHEC technique through a questionnaire added beneficial value as an enhancement to a standard approach of holistic risk assessment. The research confirmed that IS-CHEC in questionnaire form can be successfully applied within a private sector healthcare organisation and also that a distributed approach for information security human error assessment can be successfully undertaken in order to add beneficial value. The results of this study indicate, from the questionnaire responses supplied by employees, that organisational focus on its people and their working environment can improve information security posture and reduce the likelihood of associated information security incidents through a reduction in human error.
The directive on security of network and information systems (NIS directive) is one of the latest steps that the EU has taken in order to strengthen security of its systems. The directive describes specific steps that each member state should follow. Greece that has recently published its cyber security strategy is moving towards the implementation of the NIS directive. The road ahead is long and a cooperation in both technical and strategic level is needed. This article describes the roadmap of the implementation of the NIS directive in Greece, the milestones, the problems and possible solutions.
Cyber security is the most critical aspect nowadays of our technologically based lives. Government institutions, banking sectors, public and private services, nuclear power plants, power grid operators, water suppliers or waste water treatment companies use information technologies in their day-to-day operations. Everything that uses technologies are based on communication and information systems and that means that it depends on cyber security. The public and private sector each year spend millions of dollars on technologies, security software and hardware devices that will increase the cyber security inside their companies, but they are still vulnerable. The main problem of this situation is that cyber security is still usually treated as a technical aspect or technology which can be easily implemented inside the organization and this implementation will guarantee cyber security. This attitude must change, because cyber security nowadays is something more than just the technology. This article presents the taxonomy of the critical infrastructure attacks, analyzes attack vectors and attack methods used to damage critical infrastructure as well as the most common cyber security mistakes which organizations make in the cyber security field when trying to make themselves safer from vulnerabilities. The main aim of this article is to provide theoretical aspects of the cyber security management model which can be used to ensure security of critical infrastructure in an organization or company. The cyber security management model that is presented in this article is analyzed from management perspectives and is not concerned with technological aspects and products that are used to protect critical infrastructure from cyber security attacks and vulnerabilities. © 2017 by author(s) and VsI Entrepreneurship and Sustainability Center.
In this paper we present a intrusion detection module capable of detecting malicious network traffic in a SCADA (Supervisory Control and Data Acquisition) system. Malicious data in a SCADA system disrupt its correct functioning and tamper with its normal operation. OCSVM (One-Class Support Vector Machine) is an intrusion detection mechanism that does not need any labeled data for training or any information about the kind of anomaly is expecting for the detection process. This feature makes it ideal for processing SCADA environment data and automate SCADA performance monitoring. The OCSVM module developed is trained by network traces off line and detect anomalies in the system real time.
In order to decrease the overhead induced by communicated alarms we propose a new detection mechanism that is based on the combination of OCSVM with a recursive k-means clustering procedure. The proposed intrusion detection module K−OCSVM is capable to distinguish severe alarms from possible attacks regardless of the values of parameters σ and ν, making it ideal for real-time intrusion detection mechanisms for SCADA systems. The most severe alarms are then communicated with the use of IDMEF files to an IDS (Intrusion Detection System) system that is developed under CockpitCI project. Alarm messages carry information about the source of the incident, the time of the intrusion and a classification of the alarm
The incorporation of advanced information and communications technologies allows for the effective collaboration of diverse and geographically distributed legal entities in networked organisations, implementing various business models. This paper presents the results of a survey of academic sources on business models of collaborative networks and their implications for the design of models of collaboration in the field of cybersecurity. It outlines the transition from traditional to digital business models, provides examples of business models in ad-hoc, long-term and goal-oriented organisational collaborations, and presents identified best practices, forms of collaboration, main processes, and key roles in a network. The paper presents a taxonomy of business models, used to span the exploration space in a follow-on design of governance and management models of a cybersecurity competence network.
The NIS Directive introduces obligations for the security of the network and information systems of operators of essential services and of digital service providers and require from the national competent authorities to assess their compliance to these obligations. This paper describes a novel cybersecurity maturity assessment framework (CMAF) that is tailored to the NIS Directive requirements and can be used either as a self assessment tool from critical national infras-tructures either as an audit tool from the National Competent Authorities for cybersecurity.
Organisations having to cope with new threats and risks are increasing their focus and looking on novel ways to improve their cyber security assurance. As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a significant issue for Member States. The National Cyber Security Authority of Greece (NCSA) takes all necessary steps towards a secure Greek Cyberspace. This article presents the findings from the assessment of the central governmental ICT structures in terms of major threats, capacity building priorities, current situation in terms of procedures, security measures and policies and established incident response plans.
Organizations have to manage new risks, sometimes proactively, sometimes by being constrained by
regulations such as GDPR or the NIS directive. To cope with new threats, it is essential to develop or reinforce a real culture of cybersecurity at the organizational level. Before putting anything in place, we must start by
assessing the new risks to which we are exposed. The new regulations that the EU is issuing, invite
organizations and member states to follow these approaches. National Cyber Security Authority of Greece
(NCSA) is responsible for coordinating the public sector and the National Critical Infrastructures (NCIs) of
Greece, in order to take all necessary steps towards a secure Greek Cyberspace. Its main objective is to shield the Nation from external threats and to provide a secure digital environment for all citizens of Greece. One important action is the enhancement of digital skills and the development of a strong public and private security culture, exploiting the potential of the academic community and public and private sector actors. NCSA is following a PDCA-cycle approach with strong cooperation of all relevant stakeholders for securing
NCIs. NCSA is planning a series of audits for the entire public sector and for NCIs. The assessment of the central governmental ICT structures was selected as an initial phase. For this purpose, NCSA sent structured
questionnaires aiming in capturing the general picture of the security situation of central ICT infrastructures.
Data collected during this phase are processed and will be used to design the next steps of deepening and
expanding of such assessments but also to institute regular and / or emergency control procedures on a
permanent basis. The information that has been gathered is analyzed in order to reveal major threats, capacity building priorities, current situation in terms of procedures, security measures and policies and established incident response plans.
The threat to Industrial Control Systems (ICS) from cyber attacks is widely acknowledged by governments and literature. Operators of ICS are looking to address these threats in an effective and cost-sensitive manner that does not expose their operations to additional risks through invasive testing. Whilst existing standards and guidelines offer comprehensive advice for reviewing the security of ICS infrastructure, resource and time limitations can lead to incomplete assessments or undesirably long countermeasure implementation schedules.
In this paper we consider the problem of undertaking efficient cyber security risk assessments and implementing mitigations in large, established ICS operations for which a full security review cannot be implemented on a constrained timescale. The contribution is the Industrial Control System Cyber Defence Triage Process (ICS-CDTP). ICS-CDTP determines areas of priority where the impact of attacks is greatest, and where initial investment reduces the organisation's overall exposure swiftly. ICS-CDTP is designed to be a precursor to a wider, holistic review across the operation following established security management approaches. ICS-CDTP is a novel combination of the Diamond Model of Intrusion Analysis, the Mandiant Attack Lifecycle, and the CARVER Matrix, allowing for an effective triage of attack vectors and likely targets for a capable antagonist. ICS-CDTP identifies and focuses on key ICS processes and their exposure to cyber threats with the view to maintain critical operations. The article defines ICS-CDTP and exemplifies its application using a fictitious water treatment facility, and explains its evaluation as part of a large-scale serious game exercise.
Ijeoma Onyeji is a research analyst at New Energy Insights (NEI). She has previously worked in various fields of sustainable energy, including smart electricity systems, renewable energy, and energy poverty and access. Ms. Onyeji has consulted for a number of organizations, including the International Atomic Energy Agency (IAEA), the United Nations Industrial Development Organisation (UNIDO), and the European Commission's Institute for Energy and Transport (IET). She holds a Master's in Economics and Econometrics.
How coherent is EU cybersecurity policy?
- barrinha
A. Barrinha and H. Farrand-Carrapico, How coherent is
EU cybersecurity policy?, LSE European Politics and
Policy (EUROPP) Blog, 2018.
The role of the European Union Agency for Network and Information Security (ENISA) in the governance strategies of European cybersecurity
- brun
L. Brun, The role of the European Union Agency for
Network and Information Security (ENISA) in the
governance strategies of European cybersecurity,
Université catholique de Louvain, 2018.
Approval of the National Cybersecurity Strategy of Greece
- greece
R. o. Greece, "Approval of the National Cybersecurity
Strategy of Greece," in Diavgeia Governmental
Platform, ΑΔΑ: Ψ4Ρ7465ΧΘ0-Ζ6Ω, Athens, 2018.
Cybersecurity indices and cybercrime annual loss and economic impacts
- K Farahbod
- C Shayo
- J Varzandeh
K. Farahbod, C. Shayo and J. Varzandeh,
"Cybersecurity indices and cybercrime annual loss and
economic impacts," Journal of Business and Behavioral
Sciences, vol. 63, 2020.
- R Rick
R. Rick, National Cyber Security Index 2018, Talinn: e-Governance academy, 2018.
National Cyber Security Index 2018
- R Rick
Cybersecurity indices and cybercrime annual loss and economic impacts
- farahbod