Resilience Approach to Critical Information Infrastructures

Critical Infrastructure Security and Resilience

Abstract

This chapter discusses new societal risk arising from rapid changes in information and communication technology and in operational technology, which governmental policymakers and regulators have not yet fully taken into account. The Internet of Things, cloud computing, mass consumer markets and embedded operational technologies are some of the areas outlined in this chapter that may cause serious disruptions of critical infrastructures, critical information infrastructures, essential services, and the undisturbed functioning of society. Current national protection approaches mainly focus on the classical telecommunication sector and on stove-piped critical sectors such as energy, health and transport. This chapter argues that a change of mind and action is needed to properly govern the new cyber risk before serious incidents occur, and that such a new approach is urgently needed to make societies at large more resilient.

Notes

  1. Operational technology (OT) according to [3] is the technology commonly found in cyber-physical systems that is used to manage physical processes and actuation through the direct sensing, monitoring and/or control of physical devices. OT generally monitors and controls physical processes with sensors and actuators such as motors, valves, and pumps.

References

  1. Bevir M (2012) Governance: a very short introduction. Oxford University Press, Oxford

  2. Boemer JC et al (2011) Overview of German grid issues and retrofit of photovoltaic power plants in Germany for the prevention of frequency stability problems in abnormal system conditions of the ENTSO-E region continental Europe. In: 1st international workshop on integration of solar power into power systems, p 6

  3. Boyes H, Isbell R (2017) Code of practice cyber security for ships. London, United Kingdom

  4. CIPedia© (n.d.). Available at: http://www.cipedia.eu. Accessed 18 June 2018

  5. CISCO (n.d.) Internet of Things (IoT). Available at: https://www.cisco.com/c/en/us/solutions/internet-of-things/overview.html. Accessed 16 June 2018

  6. DHS (2017) Critical infrastructure sectors. Available at: https://www.dhs.gov/critical-infrastructure-sectors

  7. ENISA (2017) Considerations on ICT security certification in EU Survey Report. Heraklion, Greece https://doi.org/10.2824/090677

  8. European Commission (2016) Directive (EU) 2016/1148 of the European Parliament and of the Council of 6 July 2016 concerning measures for a high common level of security of network and information systems across the Union. Brussels, Belgium. Available at: http://data.europa.eu/eli/dir/2016/1148/oj

  9. European Commission (2017) Proposal for a Regulation of the European Parliament and of the Council establishing a framework for screening of foreign direct investments into the European Union. Brussels, Belgium. Available at: https://ec.europa.eu/transparency/regdoc/rep/1/2017/EN/COM-2017-487-F1-EN-MAIN-PART-1.PDF

  10. Fisher D (2017) BrickerBot, Mirai and the IoT Malware Knife Fight. Digital Guardian blog. 26 April. Available at: https://digitalguardian.com/blog/brickerbot-mirai-and-iot-malware-knife-fight

  11. Justicenews (2015) Facebook outage sparks calls to 911. Justice News Flash. 27 January. Available at: http://www.justicenewsflash.com/2015/02/02/facebook-outage-sparks-calls-to-911_20150202133988.html

  12. Luiijf E, Klaver M (2015) Governing critical ICT: elements that require attention. Eur J Risk Regul 6(2):263–270. https://doi.org/10.1017/S1867299X00004566

  13. Luiijf E, Van Schie T, Van Ruijven T (2017) Companion document to the GFCE-MERIDIAN good practice guide on critical information infrastructure protection for governmental policy-makers. The Hague, Netherlands. Available at: https://www.thegfce.com/good-practices/documents/publications/2017/10/30/companion-document-to-the-gfce-meridian-good-practice-guide-on-ciip

  14. Ministry of Security and Justice (2011) Dossier DigiNotar webpage, Dossier DigiNotar. Available at: https://www.ncsc.nl/english/current-topics/Files/dossier-diginotar.html

  15. Olenick D (2018) Researchers uncover BranchScope, a new Intel processor vulnerability. SC Magazine, 27 March. Available at: https://www.scmagazine.com/researchers-uncover-branchscope-a-new-intel-processor-vulnerability/article/754159/

  16. StasV&W (2001) Nota Kwetsbaarheid op internet (KWINT). The Hague, The Netherlands: Tweede Kamer der Staten Generaal. Available at: https://zoek.officielebekendmakingen.nl/dossier/26643/kst-26643-30

  17. The Council of the European Union (2008) Council Directive 2008/114/EC of 8 December 2008 on the identification and designation of European critical infrastructures and the assessment of the need to improve their protection. Off J Eur Union 75–82

  18. TNO (2017) Truck platooning technology ready for the public roads. The Hague, The Netherlands. Available at: https://www.tno.nl/en/about-tno/news/2017/10/truck-platooning-technology-ready-for-the-public-roads/. Accessed 18 June 2018

  19. Touton L (2002) IANA handling of root-zone changes. Available at: http://www.dnso.org/clubpublic/council/Arc11/msg00123.html

  20. Vanhoef M, Piessens F (2017) Key reinstallation attacks: forcing nonce reuse in WPA2. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (CCS 2017). ACM, pp. 1313–1328. Available at: https://lirias.kuleuven.be/handle/123456789/620017

  21. Wagenseil P (2014) Heartbleed: who was affected, what to do now. Tom’s Guide, April. Available at: https://www.tomsguide.com/us/heartbleed-bug-to-do-list,news-18588.html

Acknowledgments

This chapter is a follow-up on earlier work by the authors in the domain of legal risk regulation which was published in [12].

Author information

Corresponding author

Correspondence to Eric Luiijf.

Copyright information

© 2019 Springer Nature Switzerland AG

About this chapter

Cite this chapter

Luiijf, E., Klaver, M. (2019). Resilience Approach to Critical Information Infrastructures. In: Gritzalis, D., Theocharidou, M., Stergiopoulos, G. (eds) Critical Infrastructure Security and Resilience. Advanced Sciences and Technologies for Security Applications. Springer, Cham. https://doi.org/10.1007/978-3-030-00024-0_1

  • DOI: https://doi.org/10.1007/978-3-030-00024-0_1

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-00023-3

  • Online ISBN: 978-3-030-00024-0

  • eBook Packages: Computer Science, Computer Science (R0)
