Controls for protecting critical information infrastructure from cyberattacks
作者: Tamir Tsegaye , Stephen Flowerday
DOI: 10.1109/WORLDCIS.2014.7028160
关键词: Information security 、 Computer science 、 Information security management 、 Interdependence 、 Security controls 、 Computer security 、 Exploit 、 Hacker 、 Internet privacy 、 Confidentiality 、 The Internet
摘要: Critical information infrastructure has enabled organisations to store large amounts of on their systems and deliver it via networks such as the internet. Users who are connected internet able access various services provided by critical infrastructure. However, some have not effectively secured hackers, disgruntled employees other entities taken advantage this launching cyberattacks They do using cyberthreats exploit vulnerabilities in which fail secure. As a result, steal or damage confidential stored take down websites, preventing information. Despite this, risk strategies can be used implement number security controls: preventive, detective corrective controls, together form system controls. This will ensure that confidentiality, integrity availability is preserved, thus reducing risks controls based General Systems Theory, states elements interdependent contribute operation whole system. Finally, model proposed address insecure
sci-hub.se 参考文章(12)
Herbert J. Mattord, Michael E. Whitman, Principles of Information Security ,(2002)
Julian Jang-Jaccard, Surya Nepal, None, A survey of emerging threats in cybersecurity Journal of Computer and System Sciences. ,vol. 80, pp. 973- 993 ,(2014) , 10.1016/J.JCSS.2014.02.005
Gorazd Praprotnik, Teodora Ivanuša, Iztok Podbregar, eWar - reality of future wars advances in social networks analysis and mining. pp. 1068- 1072 ,(2013) , 10.1145/2492517.2500321
Robert C. Newman, Cybercrime, identity theft, and fraud Proceedings of the 3rd annual conference on Information security curriculum development - InfoSecCD '06. pp. 68- 78 ,(2006) , 10.1145/1231047.1231064
Tao Peng, Christopher Leckie, Kotagiri Ramamohanarao, Survey of network-based defense mechanisms countering the DoS and DDoS problems ACM Computing Surveys. ,vol. 39, pp. 3- ,(2007) , 10.1145/1216370.1216373
Sanjay Goel, Cyberwarfare: connecting the dots in cyber intelligence Communications of The ACM. ,vol. 54, pp. 132- 140 ,(2011) , 10.1145/1978542.1978569
Won Kim, Ok-Ran Jeong, Chulyun Kim, Jungmin So, The dark side of the Internet: Attacks, costs and responses Information Systems. ,vol. 36, pp. 675- 705 ,(2011) , 10.1016/J.IS.2010.11.003
Catherine Everett, None, The lucrative world of cyber-espionage Computer Fraud & Security. ,vol. 2009, pp. 5- 7 ,(2009) , 10.1016/S1361-3723(09)70084-3
Carl Colwill, Human factors in information security: The insider threat – Who can you trust these days? Information Security Technical Report. ,vol. 14, pp. 186- 196 ,(2009) , 10.1016/J.ISTR.2010.04.004
Aviram Jenik, Cyberwar in Estonia and the Middle East Network Security. ,vol. 2009, pp. 4- 6 ,(2009) , 10.1016/S1353-4858(09)70037-6