File:Analysis of Energy Delivery Sector Malware Attack Response Mechanisms (IA analysisofenergy1094563187).pdf
Original file (1,275 × 1,650 pixels, file size: 4.58 MB, MIME type: application/pdf, 183 pages)
Captions
Captions
Summary[edit]
Analysis of Energy Delivery Sector Malware Attack Response Mechanisms
(   ) |
|
|---|---|
| Author |
Sapienza, Michael |
| Title |
Analysis of Energy Delivery Sector Malware Attack Response Mechanisms |
| Publisher |
Monterey, California. Naval Postgraduate School |
| Description |
Recent cyberattacks on the electricity grids in the U.S. and Ukraine, the rise of malware tailored to industrial control systems, failure of basic sanitary and life-saving systems
after prolonged power outages, economic losses numbering in the billions: these are the consequences of malware attacks on critical infrastructure sectors across the globe. New
and continuously evolving cyber threats demand new and better response mechanisms to mitigate their effects. However, critical infrastructure sectors, and the electricity
subsector in particular, are faced with the enormous challenge of identifying gaps in their extremely complex cyber incident response mechanisms.
This thesis takes a novel, systems-level approach to pinpoint deficiencies in incident response mechanisms of the U.S. electricity sector. An analysis of current and future external
influences on the electricity sector validates that malware threats and vulnerabilities are rapidly evolving and are already outpacing the sector's ability to adapt its cyber incident
response mechanisms. Using the Architecting Innovative Enterprise Strategies (ARIES) Framework to explore current incident response mechanisms reveals that the traditional,
all-hazards approach to major incident response is insufficient to keep the grid secure. Instead, improvements in cyber incident response strategies, processes, organizations,
information flow, products, and services are all necessary to overcome the disparity. Most importantly, the systems-level approach exposes the culture of cybersecurity in the
sector is the systemic driver of those shortfalls and must be the primary consideration for improvement to the electricity sector's cyber incident response mechanisms.
|
| Language | English |
| Publication date | September 2019 |
| Current location |
IA Collections: navalpostgraduateschoollibrary; fedlink |
| Accession number |
analysisofenergy1094563187 |
| Source | |
| Permission (Reusing this file) |
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States. |
Licensing[edit]
|
This work is in the public domain in the United States because it is a work prepared by an officer or employee of the United States Government as part of that person’s official duties under the terms of Title 17, Chapter 1, Section 105 of the US Code.
Note: This only applies to original works of the Federal Government and not to the work of any individual U.S. state, territory, commonwealth, county, municipality, or any other subdivision. This template also does not apply to postage stamp designs published by the United States Postal Service since 1978. (See § 313.6(C)(1) of Compendium of U.S. Copyright Office Practices). It also does not apply to certain US coins; see The US Mint Terms of Use.
|
 |
| This file has been identified as being free of known restrictions under copyright law, including all related and neighboring rights. | ||
File history
Click on a date/time to view the file as it appeared at that time.
| Date/Time | Thumbnail | Dimensions | User | Comment | |
|---|---|---|---|---|---|
| current | 06:57, 14 July 2020 |  | 1,275 × 1,650, 183 pages (4.58 MB) | Fæ (talk | contribs) | FEDLINK - United States Federal Collection analysisofenergy1094563187 (User talk:Fæ/IA books#Fork8) (batch 1993-2020 #6419) |
You cannot overwrite this file.
File usage on Commons
The following page uses this file: