Cyber Physical Security Protecting Critical Infrastructure at the State and Local Level 1st edition by Robert Clark, Simon Hakim ISBN 3319328247 9783319328249
Original price was: $50.00.$35.00Current price is: $35.00.
Authors:Robert M. Clark; Simon Hakim , Series:Cyber Security [150] , Tags:Political Science; General; Technology & Engineering; Environmental; Power Resources; History & Theory; Water Supply , Author sort:Clark, Robert M. & Hakim, Simon , Ids:Google; 9783319328249 , Languages:Languages:eng , Published:Published:Aug 2016 , Publisher:Springer , Comments:Comments:This book focuses on the vulnerabilities of state and local services to cyber-threats and suggests possible protective action that might be taken against such threats. Cyber-threats to U.S. critical infrastructure are of growing concern to policymakers, managers and consumers. Information and communications technology (ICT) is ubiquitous and many ICT devices and other components are interdependent; therefore, disruption of one component may have a negative, cascading effect on others. Cyber-attacks might include denial of service, theft or manipulation of data. Damage to critical infrastructure through a cyber-based attack could have a significant impact on the national security, the economy, and the livelihood and safety of many individual citizens. Traditionally cyber security has generally been viewed as being focused on higher level threats such as those against the internet or the Federal government. Little attention has been paid to cyber-security at the state and local level. However, these governmental units play a critical role in providing services to local residents and consequently are highly vulnerable to cyber-threats. The failure of these services, such as waste water collection and water supply, transportation, public safety, utility services, and communication services, would pose a great threat to the public. Featuring contributions from leading experts in the field, this volume is intended for state and local government officials and managers, state and Federal officials, academics, and public policy specialists.
Cyber-Physical Security: Protecting Critical Infrastructure at the State and Local Level 1st edition by Robert M. Clark, Simon Hakim – Ebook PDF Instant Download/Delivery. 3319328247, 978-3319328249
Full download Cyber-Physical Security: Protecting Critical Infrastructure at the State and Local Level 1st Edition after payment
Product details:
ISBN 10: 3319328247
ISBN 13: 978-3319328249
Author: Robert M. Clark, Simon Hakim
Cyber-Physical Security: Protecting Critical Infrastructure at the State and Local Level 1st Table of contents:
1. Introduction to Cyber Security and Governance
1.1 Introduction
1.2 Cyber Security Challenges
1.2.1 US Federal Information Security Responsibilities as Established in Law and Policy
1.2.2 Evolution of US Federal Strategy
1.3 Activities of the US National Governors Association
1.4 US Cyber-Security Research
1.5 International Studies and Research on Cyber-Physical Security
1.6 Summary and Conclusions
References
2. Cybersecurity Terminology and Frameworks
Abstract
2.1 Introduction
2.2 Terminology
2.2.1 Core Terminology
2.2.2 Scope
2.2.3 Assets
2.2.4 Confidentiality
2.2.5 Integrity
2.2.6 Availability
2.3 Risk Assessment Terminology
2.3.1 Threats
2.3.1.1 Threats from People
2.3.1.2 Threats from Other Sources
2.3.2 Vulnerabilities
2.3.3 Probability
2.3.4 Impact
2.4 Risk Treatment Terminology
2.4.1 Risk Acceptance
2.4.2 Risk Avoidance
2.4.3 Risk Treatment/Risk Mitigation
2.4.4 Risk Transfer
2.5 Controls Terminology
2.5.1 Controls Overview
2.5.1.1 Types of Controls
2.5.2 ISO 27001/ISO 27002
2.6 Requirements of the ISO 27001 Information Security Management System
2.6.1 Context
2.6.2 Interested Parties
2.6.3 Leadership and Commitment
2.6.4 Policy
2.6.5 Organizational Roles, Responsibilities, and Authorities
2.6.6 Planning
2.6.6.1 Actions to Address Risks and Opportunities
2.6.6.2 Information Security Risk Assessment
2.6.6.3 Information Security Risk Treatment
2.6.6.4 Information Security Objectives and Planning to Achieve Them
2.6.7 Support
2.6.7.1 Competence
2.6.7.2 Awareness
2.6.7.3 Communication
2.6.7.4 Documented Information
2.6.8 Operation
2.6.8.1 Operational Planning and Control
2.6.8.2 Information Security Risk Assessment
2.6.8.3 Information Security Risk Treatment
2.6.9 Performance Evaluation
2.6.9.1 Monitoring, Measurement, Analysis, and Evaluation
2.6.9.2 Internal Audit
2.6.9.3 Management Review
2.6.10 Improvement
2.6.10.1 Nonconformity and Corrective Action
2.6.10.2 Continual Improvement
2.7 NIST Computer Security Resource Center
2.8 NIST Framework for Improving Critical Infrastructure Cybersecurity
2.8.1 Framework Core
2.8.1.1 Core Functions
2.8.1.2 Identify
2.8.1.3 Protect
2.8.1.4 Detect
2.8.1.5 Respond
2.8.1.6 Recover
2.8.2 Framework Profile
2.8.3 Implementation Tiers
2.9 NIST Special Publication 800-82—Guide to Industrial Control Systems (ICS) Security
2.9.1 Administrative or Directive Controls
2.9.2 Preventive Controls
2.9.3 Detective Controls
2.9.4 Corrective Controls
2.10 Comparison of Controls
2.11 Summary and Conclusions
References
3. Assessing Cyber Threats and Solutions for Municipalities
Abstract
3.1 Introduction
3.2 Cyberspace as Critical Infrastructure
3.3 Threats to the Physical Plant and Information Technology
3.3.1 The Physical Plant
3.3.2 Information and Communication Technology
3.4 Understanding External Adversaries in Cyberspace
3.4.1 Foreign Governments: Intelligence and Military Services
3.4.2 Terrorism
3.4.3 Cybercrime
3.4.4 Hacking and Hacktivism
3.5 How Can Municipal Governments Respond?
3.5.1 ICT Risk Management System
3.5.2 Network Security
3.5.3 Education and Awareness
3.5.4 Malicious Software or Malware
3.5.5 Remote Work (Telecommuting) and Private Devices
3.5.6 User Privileges
3.5.7 Private, Public Partnerships
3.6 Conclusion
4. Cyber Perimeters for Critical Infrastructures
Abstract
4.1 Introduction
4.2 History of Control System/Corporate Network Integration
4.3 Traditional Network Perimeter Security
4.4 Limitations of Firewalls
4.4.1 Phishing and Watering-Hole Attacks
4.4.2 Stealing Passwords
4.4.3 Compromising Trusted, External Systems
4.4.4 Forwarding Attack Packets
4.4.5 Attack through a VPN
4.4.6 Firewall Vulnerabilities
4.4.7 Errors and Omissions
4.4.8 Forged IP Addresses
4.4.9 Bypass the Firewall
4.4.10 Removable Media
4.5 Traditional Control-System Security Advice
4.5.1 Perimeter Hardening
4.5.2 Host Hardening
4.5.3 Personnel
4.5.4 Intrusion Detection
4.5.5 Limitations of Traditional Advice
4.6 Modern Alternatives to Firewalls
4.6.1 Unidirectional Gateways
4.6.2 Unidirectional Gateway Security
4.6.3 Emulating Devices
4.6.4 The FLIP
4.6.5 Inbound and Outbound Gateways
4.7 Remote Access
4.7.1 Compromising Remote Access
4.7.2 Remote Screen View
4.7.3 Central Engineering Sites
4.8 Evolving Standards and Best-Practice Advice
4.8.1 NERC CIP
4.8.2 ANSSI Standards
4.8.3 Other Standards
4.9 Analysis: Why Are the Lights Still On?
4.10 Summary
4.10.1 Emerging Issues
4.10.2 Looking Forward
References
5. A Security Evaluation of a Municipal Computer Network: The Case of Collaboration Between the City
Abstract
5.1 Introduction
5.2 The Creation of a Partnership
5.3 City of Pittsburgh Leveraging Its Resources
5.4 The Students Begin
5.5 Review of Policies and Procedures
5.6 The Students Reveal the Vulnerabilities
5.7 Lessons Learned
5.8 Conclusion
Acknowledgments
References
6. Cyber Risks in the Marine Transportation System
Abstract
6.1 Introduction
6.2 Computer Use in the MTS
6.3 The U.S. Coast Guard Strategic Approach
6.3.1 Principles of the Coast Guard’s Prevention Program
6.3.2 Response, Investigation, and Recovery
6.3.3 How Can Vessel and Facility Operators Manage Cyber Risks?
6.3.3.1 Risk Assessment
6.3.3.2 Risk Mitigation
6.3.3.3 Risk Management
6.3.4 Information Sharing
6.3.4.1 State and Local Involvement
6.4 Ongoing and Future Coast Guard Cyber Activity
6.5 Summary and Conclusion
Appendix A—Cyber Risk Bowtie Model
Appendix B—Cyber Security Roles and Responsibilities
Appendix C—A Cyber Safe Port: A Hypothetical But Hopeful Case Study
References
7. Creating a Cyber Security Culture for Your Water/Waste Water Utility
Abstract
7.1 Introduction
7.2 The Water Sector Profile
7.2.1 Private Sector Water/Wastewater Utilities
7.2.2 Public Sector Water/Wastewater Utilities
7.3 The Threat Environment
7.3.1 The Current Threat Landscape
7.3.2 Cybersecurity Threats to the Water Sector
7.3.3 The Future Threat Landscape
7.4 An Integrated Cyber Security Framework
7.4.1 The Need for Organizational Change
7.4.2 Cultivating Cybersecurity Awareness Across the Organization
7.4.3 Information Sharing and Communication
7.4.4 Cyber Security Workforce Development
7.4.5 Threat Mitigation Strategies
7.5 Conclusion
People also search for Cyber-Physical Security: Protecting Critical Infrastructure at the State and Local Level 1st :
cyber-physical security of a smart grid infrastructure
cyber physical systems security a survey
physical attacks in cyber security
what is an example of physical security in cyber security
difference between physical security and cyber security
You may also like…
