Home > Research > Publications & Outputs > A Framework to Support ICS Cyber Incident Respo...

Electronic data

  • iscram

    Final published version, 332 KB, PDF document

View graph of relations

A Framework to Support ICS Cyber Incident Response and Recovery

Research output: Contribution to conference - Without ISBN/ISSN Conference paper

Published
Publication date24/05/2020
Number of pages14
<mark>Original language</mark>English
Eventthe 17th International Conference on Information Systems for Crisis Response and Management - Virginia Tech, Blacksburg, United States
Duration: 24/05/202027/05/2020
https://www.drrm.fralinlifesci.vt.edu/iscram2020/index.php

Conference

Conferencethe 17th International Conference on Information Systems for Crisis Response and Management
Abbreviated titleISCRAM 2020
CountryUnited States
CityBlacksburg
Period24/05/2027/05/20
Internet address

Abstract

During the past decade there has been a steady increase in cyber attacks targeting Critical National Infrastructure. In order to better protect against an ever-expanding threat landscape, governments, standards bodies, and a plethora of industry experts have produced relevant guidance for operators in response to incidents. However, in a context where safety, reliability, and availability are key, combined with the industrial nature of operational systems, advice on the right practice remains a challenge. This is further compounded by the volume of available guidance, raising questions on where operators should start, which guidance set should be followed, and how confidence in the adopted approach can be established. In this paper, an analysis of existing guidance with a focus on cyber incident response and recovery is provided. From this, a work in progress framework is posited, to better support operators in the development of response and recovery operations.