A Shared Cybersecurity Awareness Platform

• Autorzy: Amanowicz Marek

Identyfikatory

DOI

10.26636/jtit.2021.154421

• Języki publikacji: EN

Abstrakty

EN

Ensuring a good level of cybersecurity of global IT systems requires that specific procedures and cooperation frameworks be adopted for reporting threats and for coordinating the activities undertaken by individual entities. Technical infrastructure enabling safe and reliable online collaboration between all teams responsible for security is an important element of the system as well. With the above taken into consideration, the paper presents a comprehensive distributed solution for continuous monitoring and detection of threats that may affect services that provision is essential to security and broadly understood the state’s economic interests. The said solution allows to collect, process and share distributed knowledge on hazard events. The partnership-based model of cooperation between the system’s users allows the teams to undertake specific activities at the central level, facilitates global cyber threat awareness, and enhances the process of predicting and assessing cyber risks in order to ensure a near-realtime response. The paper presents an overview of the system’s architecture, its main components, features, and threat intelligence tools supporting the safe sharing of information concerning specific events. It also offers a brief overview of the system’s deployment and its testing in an operational environment of NASK’s Computer Security Incident Response Team (CSIRT) and Security Operation Center (SOC) of essential services operators.

Słowa kluczowe

EN

cybersecurity awareness; risk and threat propagation; threat intelligence

• Wydawca: Instytut Łączności - Państwowy Instytut Badawczy
• Czasopismo: Journal of Telecommunications and Information Technology
• Rocznik: 2021
• Tom: nr 3
• Strony: 32--41
• Opis fizyczny: Bibliogr. 17 poz., rys.

Twórcy

autor

Amanowicz Marek

• NASK - National Research Institute, ul. Kolska 12, Warsaw, Poland

• https://orcid.org/0000-0002-9132-5788

Bibliografia

• [1] S. M. Rinaldi, J. P. Peerenboom, and T. K. Kelly, „Identifying, understanding, and analyzing critical infrastructure interdependencies", IEEE Control Syst., vol. 21, no. 6, pp. 11-25, 2001 (DOI: 10.1109/37.969131).
• [2] R. Zimmerman, „Decision-making and the vulnerability of interdependent critical infrastructure", in Proc. IEEE Int. Conf. on Systems, Man and Cybernetics (IEEE Cat. No. 04CH37583), The Hague, Netherlands, vol. 5, 2004, pp. 4059-4063 (DOI: 10.1109/ICSMC.2004.1401166).
• [3] F. Petit and L. P. Lewis, „Incorporating logical dependencies and interdependencies into infrastructure analyses", George Mason University, 2016 [Online]. Available: https://cip.gmu.edu/2016/02/17/incorporating-logical-dependencies-and-interdependencies-into-infrastructure-analyses/
• [4] A. Nieuwenhuijs, E. Luiijf, and M. Klaver, „Modeling dependencies in critical infrastructures", in Proc. IFIP Int. Federation for Informat. Process., 2008, pp. 205-213 (DOI: 10.1007/978-0-387-88523-0 15).
• [5] R. Setola, V. Rosato, E. Kyriakides, and E. Rome, „Managing the complexity of critical infrastructures", vol. 90, Springer Int. Publishing, 2016 (DOI: 10.1007/978-3-319-51043-9).
• [6] C.-H. Han, S.-T. Park, and S.-J. Lee, „The enhanced security control model for critical infrastructures with the blocking prioritization process to cyber threats in power system", Int. J. Crit. Infrastruct. Prot., vol. 26, 2019, (DOI: 10.1016/j.ijcip.2019.100312).
• [7] G. Settanni et al., „A collaborative cyber incident management system for European interconnected critical infrastructures", J. Inf. Secur. Appl., vol. 34, pp. 166-182, 2017 (DOI: 10.1016/j.jisa.2016.05.005).
• [8] „Directive (EU) 2016/1148 of the European Parliament and of the Council concerning measures for a high common level of security of network and information systems across the Union" [Online]. Available: http://data.europa.eu/eli/dir/2016/1448/oj
• [9] ETSI TR 103 456 v1.1.1, „Implementation of the Network and Information Security (NIS) Directive", 2017 [Online]. Available: https://www.etsi.org/deliver/etsi tr/103400 103499/103456/01.01.01 60/tr 103456v010101p.pdf
• [10] CS-AWARE Project, Horizon 2020 Programme [Online]. Available: https://cs-aware.eu
• [11] PROTECTIVE Project, Horizon 2020 Programme [Online]. Available: https://protective-h2020.eu
• [12] S. Puuska et al., „Nationwide critical infrastructure monitoring Rusing a common operating picture framework", Int. J. Crit. Infrastruct. Prot., vol. 20, pp. 28-47, 2018 (DOI: 10.1016/j.ijcip.2017.11.005).
• [13] „Act on the National Cybersecurity System", J. of Laws, item 1560, 2018, [Online]. Available: https://uodo.gov.pl/en/file/307
• [14] M. Kamola et al., „Decision support system for identification and security management of essential and digital services", in Proc. Int. Conf. on Military Commun. and Informat. Systems (ICMCIS), Budva, Montenegro, 2019, pp. 1-7 (DOI: 10.1109/ICMCIS.2019.8842769).
• [15] A. Karbowski et al., „Critical infrastructure risk assessment using Markov chain model", J. Telecommun. Inf. Technol., vol. 2, pp. 15-20, 2019 (DOI: 10.26636/jtit.2019.130819).
• [16] K. Malinowski, A. Karbowski, „Hierarchical online risk assessment at national level", in Proc. Int. Conf. on Military Commun. And Informat. Systems (ICMCIS), Budva, Montenegro, 2019, pp. 1-5 (DOI: 10.1109/ICMCIS.2019.8842731).
• [17] M. Janiszewski et al., „A novel approach to national-level cyber risk assessment based on vulnerability management and threat intelligence", J. Telecommun. Inf. Technol., vol. 2, pp. 5-14, 2019 (DOI: 10.26636/jtit.2019.130919).

Uwagi

Opracowanie rekordu ze środków MNiSW, umowa Nr 461252 w ramach programu "Społeczna odpowiedzialność nauki" - moduł: Popularyzacja nauki i promocja sportu (2021).