Towards Building National Cybersecurity Awareness

Authors

  • Marek Amanowicz NASK-PIB

Abstract

The paper depicts a complex, distributed information system aimed at promoting cybersecurity awareness at the national level. The system, that is built in accordance with the Act on National Cybersecurity, passed by the Polish Parliament, enables collecting and processing in near-real time available information on the security status of essential services and digital services and, also, provides for assessment of negative impact of the identified threats concerned with the provision of those services. Advanced access control and dissemination mechanisms, for secure information sharing within the system, are provided in order to aggregate distributed knowledge and use this information for on-line security risk analysis and for generation and distribution  of early warnings.

References

S. M. Rinaldi, J. P. 4Peerenboom, T. K. Kelly, “Identifying, understanding, and analyzing critical infrastructure interdependencies,” IEEE Control Systems Magazine, vol. 21, no. 6, 2001, pp. 11 – 25.

R. Zimmerman, “Decision-making and the vulnerability of interdependent critical infrastructure”, in: Proceedings of the IEEE International Conference on Systems, Man and Cybernetics , vol. 5, The Hague, 2004, pp. 4059 – 4063

F. Petit et al., “Analysis of critical infrastructure dependencies and interdependencies”, Technical Report, Agronne National Laboratory, ANL/GSS-15/4, 2015.

J. Banerjee, A. Das, A. Sen, “A Survey of Interdependency Models for Critical Infrastructure Networks”, Cornell University, arXiv:1702.05407v1 [physics.soc-ph], 2017.

Skopik, G. Settanni, R. Fiedler, “A problem shared is a problem Halved: A survey on the dimensions of collective cyber defence through security information sharing”, Computers & Security vol. 60, 2016, pp. 154 – 176.

S. Puuska et al., “Nationwide critical infrastructure monitoring using a common operating picture framework”, International Journal of Critical Infrastructure Protection, vol.20, 2018, pp. 28 – 47.

G. Settanni et al., “A collaborative cyber incident management system for European interconnected critical infrastructure”, Journal of Information Security and Applications, vol. 34, 2017, pp. 166 – 182.

Directive (EU) 2016/1148 of the European Parliament and of the Council concerning measures for a high common level of security of network and information systems across the Union, (https://eur-lex.europa.eu/eli/dir/2016/1148/oj).

ETSI, Implementation of the Network and Information Security (NIS) Directive, Technical Report 103 456 v1.1.1 (2017-10).

R. Wróbel, “Dependencies of elements recognized as critical infrastructure of the state:, in: Transportation and Research Procedia, vol. 40, 2019, pp. 1625 – 1632.

B. Wu, A. Tang, J. Wu, “Modeling cascading failures in interdependent infrastructures under terrorist attacks,” Reliability Engineering & System Safety, vol. 147, 2016, pp. 1 – 8.

M. Ouyang, “Critical location identification and vulnerability analysis of interdependent infrastructure systems under spatially localized attacks

Reliability Engineering & System Safety, vol. 154, 2016, pp. 106 – 116.

R. Zimmerman, C. Restrepo, “Analyzing cascading effects within infrastructure sectors for consequence reduction”, in: Proceedings of the IEEE Conference on Technologies for Homeland Security, Boston, 2009, pp. 165 – 170.

M. Kamola, “Sensitivity of Importance Metrics for Critical Digital Services Graph to Service Operators’ Self-Assessment Errors”, Security and Communication Networks, 2019, doi.org/10.1155/2019/7510809.

M. Kamola et al., “Decision Support System for Identification and Security Management of Essential and Digital Services”, in: Proceedings of International Conference on Military Communications and Information Systems, Budva, 2019, DOI: 10.1109/ICMCIS.2019.8842769.

A. Karbowski et al., “Critical Infrastructure Risk Assessment Using Markov Chain Model”, Journal of Telecommunications and Information Technology, No.2, 2019, pp. 15 – 20.

K. Malinowski, A. Karbowski, “Hierarchical On-line Risk Assessment at National Level”, in: Proceedings of International Conference on Military Communications and Information Systems, Budva, 2019, DOI: 10.1109/ICMCIS.2019.8842769, DOI:10.1109/ICMCIS.2019.8842731.

M. Janiszewski, A. Felkner, P. Lewandowski, “A Novel Approach to National-level Cyber Risk Assessment Based on Vulnerability Management and Threat Detection”, Journal of Telecommunications and Information Technology, No 2, 2019, pp. 5 – 14.

Downloads

Published

2024-04-19

Issue

Section

Security, Safety, Military