Home > Research > Publications & Outputs > A Framework to Support ICS Cyber Incident Respo...

Research

Associated organisational units

Electronic data

  • iscram

    Final published version, 332 KB, PDF document

Keywords

View graph of relations

A Framework to Support ICS Cyber Incident Response and Recovery

Research output: Contribution to conference - Without ISBN/ISSN Conference paperpeer-review

Published

Standard

A Framework to Support ICS Cyber Incident Response and Recovery. / Staves, Alex; Balderstone, Harry; Green, Benjamin et al.
2020. Paper presented at the 17th International Conference on Information Systems for Crisis Response and Management, Blacksburg, United States.

Research output: Contribution to conference - Without ISBN/ISSN Conference paperpeer-review

Harvard

Staves, A, Balderstone, H, Green, B, Gouglidis, A & Hutchison, D 2020, 'A Framework to Support ICS Cyber Incident Response and Recovery', Paper presented at the 17th International Conference on Information Systems for Crisis Response and Management, Blacksburg, United States, 24/05/20 - 27/05/20.

APA

Staves, A., Balderstone, H., Green, B., Gouglidis, A., & Hutchison, D. (2020). A Framework to Support ICS Cyber Incident Response and Recovery. Paper presented at the 17th International Conference on Information Systems for Crisis Response and Management, Blacksburg, United States.

Vancouver

Staves A, Balderstone H, Green B, Gouglidis A, Hutchison D. A Framework to Support ICS Cyber Incident Response and Recovery. 2020. Paper presented at the 17th International Conference on Information Systems for Crisis Response and Management, Blacksburg, United States.

Author

Staves, Alex ; Balderstone, Harry ; Green, Benjamin et al. / A Framework to Support ICS Cyber Incident Response and Recovery. Paper presented at the 17th International Conference on Information Systems for Crisis Response and Management, Blacksburg, United States.14 p.

Bibtex

@conference{27b7d6ecc785485787d44fc13b94f957,
title = "A Framework to Support ICS Cyber Incident Response and Recovery",
abstract = "During the past decade there has been a steady increase in cyber attacks targeting Critical National Infrastructure. In order to better protect against an ever-expanding threat landscape, governments, standards bodies, and a plethora of industry experts have produced relevant guidance for operators in response to incidents. However, in a context where safety, reliability, and availability are key, combined with the industrial nature of operational systems, advice on the right practice remains a challenge. This is further compounded by the volume of available guidance, raising questions on where operators should start, which guidance set should be followed, and how confidence in the adopted approach can be established. In this paper, an analysis of existing guidance with a focus on cyber incident response and recovery is provided. From this, a work in progress framework is posited, to better support operators in the development of response and recovery operations.",
keywords = "ICS, CNI, Cyber Incident, Guidance, Response and Recovery",
author = "Alex Staves and Harry Balderstone and Benjamin Green and Antonios Gouglidis and David Hutchison",
year = "2020",
month = may,
day = "24",
language = "English",
note = "the 17th International Conference on Information Systems for Crisis Response and Management, ISCRAM 2020 ; Conference date: 24-05-2020 Through 27-05-2020",
url = "https://www.drrm.fralinlifesci.vt.edu/iscram2020/index.php",

}

RIS

TY - CONF

T1 - A Framework to Support ICS Cyber Incident Response and Recovery

AU - Staves, Alex

AU - Balderstone, Harry

AU - Green, Benjamin

AU - Gouglidis, Antonios

AU - Hutchison, David

PY - 2020/5/24

Y1 - 2020/5/24

N2 - During the past decade there has been a steady increase in cyber attacks targeting Critical National Infrastructure. In order to better protect against an ever-expanding threat landscape, governments, standards bodies, and a plethora of industry experts have produced relevant guidance for operators in response to incidents. However, in a context where safety, reliability, and availability are key, combined with the industrial nature of operational systems, advice on the right practice remains a challenge. This is further compounded by the volume of available guidance, raising questions on where operators should start, which guidance set should be followed, and how confidence in the adopted approach can be established. In this paper, an analysis of existing guidance with a focus on cyber incident response and recovery is provided. From this, a work in progress framework is posited, to better support operators in the development of response and recovery operations.

AB - During the past decade there has been a steady increase in cyber attacks targeting Critical National Infrastructure. In order to better protect against an ever-expanding threat landscape, governments, standards bodies, and a plethora of industry experts have produced relevant guidance for operators in response to incidents. However, in a context where safety, reliability, and availability are key, combined with the industrial nature of operational systems, advice on the right practice remains a challenge. This is further compounded by the volume of available guidance, raising questions on where operators should start, which guidance set should be followed, and how confidence in the adopted approach can be established. In this paper, an analysis of existing guidance with a focus on cyber incident response and recovery is provided. From this, a work in progress framework is posited, to better support operators in the development of response and recovery operations.

KW - ICS

KW - CNI

KW - Cyber Incident

KW - Guidance

KW - Response and Recovery

M3 - Conference paper

T2 - the 17th International Conference on Information Systems for Crisis Response and Management

Y2 - 24 May 2020 through 27 May 2020

ER -