Transaction Search Form: please type in any of the fields below.
Date: November 22, 2024 Fri
Time: 12:14 pm
Time: 12:14 pm
Results for critical infrastructure
4 results foundAuthor: O'Donnell, Kate Title: Infrastructure Vulnerability and the Coordination of Government Responses Information Technology Systems β Security and Risk Summary: Technological advances often outstrip governmental capacity to regulate, creating infrastructure vulnerabilities and opportunities for criminal exploitation and wrongdoing. These emerging threats and risks are compounded by the fact that new technologies (such as cloud computing) transcend borders. This environment poses serious challenges for policy makers and practitioners alike. On 30 June 2010, the Australian Government released its Critical Infrastructure Resilience Strategy which recognised βthe importance of engaging with the research sector to ensure policies and approaches remain responsive to change and identify and mitigate knowledge gaps identified by critical infrastructure stakeholders. The Government will foster a stronger relationship between the owners and operators of critical infrastructure and the research community to ensure the research needs of critical infrastructure stakeholders on a range of security issues are being met.β This Briefing Paper profiles the CEPS workshop on Information Technology Systems β Security and Risk held in early 2011. stimulated a rich set of ideas, as well as forging new partnerships. Bringing together the public and private sectors in a discursive forum, the workshop identifed a range of emerging issues for the purpose of the framing future research agendas within CEPS. This Briefing Paper is a tangible outcome of that forum, and an example of new levels of engagement between the government, private and research sectors that will assist in deepening our knowledge of the risks to infrastructure, and identify effective strategies of promoting resilience and risk mitigation. Details: Nathan, QLD: ARC Centre of Excellence in Policing and Security, 2011. 6p. Source: Internet Resource: Briefing Paper: Accessed July 20, 2011 at: http://www.ceps.edu.au/files/file/Information%20Technology%20Systems%20.pdf Year: 2011 Country: Australia URL: http://www.ceps.edu.au/files/file/Information%20Technology%20Systems%20.pdf Shelf Number: 122123 Keywords: Critical InfrastructureRisk AssessmentTerrorism |
Author: Cornish, Paul Title: Cyber Security and the UK's Critical National Infrastructure Summary: Government cannot provide all the answers and guarantee national cyber security in all respects for all stakeholders. As a result, Critical National Infrastructure enterprises should seek to take on greater responsibilities and instil greater awareness across their organizations All organizations should look in more depth at their dependencies and vulnerabilities. Awareness and understanding of cyberspace should be 'normalised' and incorporated and embedded into standard management and business practices within and across government and the public and private sectors Cyber terminology should be clear and language proportionate to the threat. It should also encourage a clear distinction to be made between IT mishaps and genuine cyber attacks Research and investment in cyber security are essential to meeting and responding to the threat in a timely fashion. However, cyber security/protection should not be the preserve of IT departments but of senior executive boards, strategists and business leaders and it should be incorporated into all levels of an organization. Details: London: Chatham House, 2011. 50p. Source: Internet Resource: Accessed September 27, 2011 at: http://www.chathamhouse.org/sites/default/files/public/Research/International%20Security/r0911cyber.pdf Year: 2011 Country: United Kingdom URL: http://www.chathamhouse.org/sites/default/files/public/Research/International%20Security/r0911cyber.pdf Shelf Number: 122923 Keywords: Critical InfrastructureCybercrimeCybersecurity (U.K.)Terrorism |
Author: U.S. Government Accountability Office Title: Maritime Security: Coast Guard Should Conduct Required Inspections of Offshore Energy Infrastructure Summary: Congressional interest in the security of offshore energy infrastructure has increased because of the lives lost and the substantial damages that resulted from the Deepwater Horizon incident in April 2010. The U.S. Coast Guard--a component of the Department of Homeland Security (DHS)--is the lead federal agency for maritime security, including the security of offshore energy infrastructure. The Coast Guard oversees two main types of offshore energy infrastructure--facilities on the Outer Continental Shelf (OCS) and deepwater ports. GAO was asked to examine (1) Coast Guard actions to ensure the security of OCS facilities and what additional actions, if any, are needed; (2) Coast Guard actions to ensure the security of deepwater ports and what additional actions, if any, are needed; and (3) what limitations in oversight authority, if any, the Coast Guard faces in ensuring the security of offshore energy infrastructure. GAO reviewed Coast Guard documents, such as inspection records, and relevant laws and regulations and interviewed Coast Guard inspectors and officials, including those at Coast Guard headquarters and the two Coast Guard districts that oversee all OCS facilities and deepwater ports that are subject to security requirements. The Coast Guard has taken actions to address the security of OCS facilities (that is, facilities regulated for security pursuant to 33 C.F.R. part 106), but could improve its process for managing security inspections. For example, the Coast Guard developed a security plan for the Gulf of Mexico, in which all 57 OCS facilities are located, and it reviews security plans developed by the owners and operators of OCS facilities. It has also issued guidance, which states that Coast Guard personnel should conduct security inspections of OCS facilities annually, but has conducted about one-third of these inspections from 2008 through 2010. Further, the Coast Guard does not have procedures in place to ensure that its field units conduct these inspections. Consequently, the Coast Guard may not be meeting one of its stated goals of reducing the risk and mitigating the potential results of an act that could threaten the security of personnel, the OCS facility, the environment, and the public. The Coast Guard also faces challenges in summarizing inspection results. Specifically, its database for storing inspection data has limitations that make it difficult to determine if security inspections were conducted. For example, there is no data field to identify OCS facilities, which makes it difficult to readily analyze whether required inspections were conducted. By addressing some of these challenges, Coast Guard managers could more easily use the data as a management tool to inform decision making. The Coast Guard has also taken actions to ensure the security of the four deepwater ports, but opportunities exist for improvement. The Coast Guard's actions to ensure the security of deepwater ports are similar to actions it has taken to ensure the security of OCS facilities. For example, Coast Guard security plans address security at deepwater ports, and the Coast Guard also reviews security plans developed by the owners and operators of the deepwater ports. However, Coast Guard guidance for deepwater ports does not call for annual security inspections, and it has conducted only one security inspection at a deepwater port from 2008 through 2010. Coast Guard officials said that the Coast Guard plans to begin annual security inspections of deepwater ports in recognition of the risk of a transportation security incident. However, limitations in the Coast Guard's inspection database and lack of guidance available to database users may complicate the Coast Guard's management and oversight of inspections at deepwater ports. For example, the data field for deepwater ports has been incorrectly applied to other types of infrastructure and some deepwater ports are recorded under multiple names. Unless the Coast Guard addresses these database limitations and issues updated guidance to database users, it will be difficult for the Coast Guard to verify that the deepwater ports are complying with applicable maritime security requirements. The Coast Guard has limited authority regarding the security of mobile offshore drilling units (MODU) registered to foreign countries, such as the Deepwater Horizon. The Coast Guard is taking action, though, to gain a fuller understanding of the security risks associated with MODUs by conducting a study to help determine whether additional actions could better ensure the security of offshore energy infrastructure in the Gulf of Mexico, including MODUs. GAO recommends that the Coast Guard develop policies or guidance to ensure that (1) annual security inspections are conducted at OCS facilities and (2) information entered into its database for both OCS facilities and deepwater ports is more useful for management. DHS and the Coast Guard concurred with these recommendations. Details: Washington, DC: GAO, 2011. 59p. Source: Internet Resource: GAO-12-37: Accessed October 31, 2011 at: http://www.gao.gov/new.items/d1237.pdf Year: 2011 Country: United States URL: http://www.gao.gov/new.items/d1237.pdf Shelf Number: 123185 Keywords: Critical InfrastructureMaritime CrimeMaritime Security (U.S.)Risk AssessmentTerrorism |
Author: Saalman, Lora, ed. Title: Integrating Cybersecurity and Critical Infrastructure: National, Regional and International Approaches Summary: There seems to be a consensus that cyberattacks resulting in damage to critical infrastructure, such as hospitals and power grids, are a common threat. However, there is a great deal of disagreement on how to define the parameters of and escalation within this arena. In this volume, six experts from industry, government, academia and the legal sector delve deeper into several key target areas of cybersecurity and critical infrastructure-namely system integrity, the role of the private sector and legal frameworks. Their essays provide a baseline for understanding how these issues are unfolding at the national level in Japan, at the regional level in Europe and at the international level under the United Nations. Contents 1. Introduction 2. System integrity and the national level 3. Private sector and the regional level 4. Legal frameworks and the international level 5. Conclusions Details: Solna, Sweden: Stockholm International Peace Research Institute, 2018, 58p. Source: Internet Resource: Accessed May 7, 2018 at: https://www.sipri.org/sites/default/files/2018-04/integrating_cybersecurity_0.pdf Year: 2018 Country: International URL: https://www.sipri.org/sites/default/files/2018-04/integrating_cybersecurity_0.pdf Shelf Number: 150091 Keywords: Critical InfrastructureCybercrimeCybersecurityNational Security |