Integrated Security Management of Public and Private Sector for Critical Infrastructures – Problem Investigation

  • Conference paper
Business Information Systems Workshops (BIS 2021)

Part of the book series: Lecture Notes in Business Information Processing (LNBIP, volume 444)

Abstract

The interaction between security management in public and private organisations poses complex challenges. Particularly in critical infrastructure sectors, there is a need for instruments that enable the holistic and overarching management of private and public providers. Cross-organisational structures and processes should be defined, but are difficult to establish in federal governmental structures due to different legislative levels and scopes. The paper investigates this challenge using Germany and the Free Hanseatic City of Bremen as an example.

The study proposes the development of an “Enterprise Architecture Framework” that integrates and spans the organisational structures of a federal state, its municipalities and the (private) critical infrastructure providers in these municipalities. The main contributions of this paper are based on the results of an interview study. The interview partners were representatives of enterprises and public bodies covered by the federal IT security regulations. The contribution of the paper is the identification of security management challenges for services of general interest and of ways to increase the resilience of public service providers. The focus is on cybersecurity management in the context of public institutions.

Notes

  1. BSI = Federal Office for Information Security. Kritis = Critical Infrastructure Protection.

Author information

Correspondence to Kurt Sandkuhl.

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Cite this paper

Rehbohm, T., Sandkuhl, K., Cap, C.H., Kemmerich, T. (2022). Integrated Security Management of Public and Private Sector for Critical Infrastructures – Problem Investigation. In: Abramowicz, W., Auer, S., Stróżyna, M. (eds) Business Information Systems Workshops. BIS 2021. Lecture Notes in Business Information Processing, vol 444. Springer, Cham. https://doi.org/10.1007/978-3-031-04216-4_26

  • DOI: https://doi.org/10.1007/978-3-031-04216-4_26

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-04215-7

  • Online ISBN: 978-3-031-04216-4

  • eBook Packages: Computer Science (R0)
