
Zebras and Lions: Better Incident Handling Through Improved Cooperation

  • Conference paper
Innovations for Community Services (I4CS 2016)

Abstract

The ability to appropriately prepare for, and respond to, information security incidents is of paramount importance, as it is impossible to prevent all possible incidents from occurring. Current trends show that the power and automation industry is an attractive target for hackers. A main challenge for this industry to overcome is the differences regarding culture and traditions, knowledge and communication, between Information and Communication Technology (ICT) staff and industrial control system staff. Communication is necessary for knowledge transfer, which in turn is necessary to learn from previous incidents in order to improve the incident handling process. This article reports on interviews with representatives from large electricity distribution service operators, and highlights challenges and opportunities for computer security incident handling in the industrial control system space.


Notes

  1. See http://www.symantec.com/connect/blogs/w32stuxnet-dossier.

  2. Although this is generally no longer the case.

  3. A bug is a programming error, while a flaw is a more high-level architecture or design error.

  4. http://www.first.org/.

  5. https://www.kraftcert.no/.

  6. http://www.securityincidents.org/.


Acknowledgments

The authors would like to thank the distribution system operators who have contributed with informants for our interviews. This research has been supported by the Norwegian Research Council through the projects DeVID and Flexnett.


Corresponding author

Correspondence to Martin Gilje Jaatun.


Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Jaatun, M.G., Bartnes, M., Tøndel, I.A. (2016). Zebras and Lions: Better Incident Handling Through Improved Cooperation. In: Fahrnberger, G., Eichler, G., Erfurth, C. (eds) Innovations for Community Services. I4CS 2016. Communications in Computer and Information Science, vol 648. Springer, Cham. https://doi.org/10.1007/978-3-319-49466-1_9


  • DOI: https://doi.org/10.1007/978-3-319-49466-1_9


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-49465-4

  • Online ISBN: 978-3-319-49466-1

  • eBook Packages: Computer Science, Computer Science (R0)
