Building a Cybersecurity Culture in the Industrial Control System Environment
Building a Cybersecurity Culture in the Industrial Control System Environment
Author(s): Claudia Araujo Macedo, Jos MentingSubject(s): ICT Information and Communications Technologies
Published by: Asociatia Romana pentru Asigurarea Securitatii Informatiei
Keywords: Industrial Control System; cybersecurity culture; training; awareness; security measures framework;
Summary/Abstract: Cybersecurity in industrial control system environments has become a significant concern and is even more relevant in the context of critical infrastructures where control system disruption could have a profound impact on health, safety and the environment. This makes this type of system a major target for malicious activities. Notwithstanding an organization’s interest in protecting its industrial control systems against cyber-attacks, the implementation of security measures, whether technical, organizational or human, still faces resistance and is often seen as a constraint. Using the best technology to protect industrial control systems makes no sense if persons with access do not act attentively and protectively. Technical and human cybersecurity measures are intrinsically linked, and it is essential that all persons with access to these systems are fully aware of the inherent cyber risks. Organizations must also act so that staff receive appropriate training on how to keep systems continuously protected against cyber-attack when carrying out their daily tasks. These educational processes can contribute to building an effective cybersecurity culture fully reflective of management and staff attitudes, so that the availability, integrity and confidentiality of information in industrial control systems can be assured.
Journal: International Journal of Information Security and Cybercrime (IJISC)
- Issue Year: 8/2019
- Issue No: 1
- Page Range: 39-44
- Page Count: 6
- Language: English
- Content File-PDF