Home > Research > Publications & Outputs > The shadow warriors

Electronic data

  • shadow_warriors_camera_ready

    Accepted author manuscript, 335 KB, PDF document

    Available under license: CC BY: Creative Commons Attribution 4.0 International License

Links

View graph of relations

The shadow warriors: in the no man’s land between industrial control systems and enterprise IT systems

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Published

Standard

The shadow warriors : in the no man’s land between industrial control systems and enterprise IT systems. / Zanutto, Alberto; Shreeve, Benjamin Oliver; Follis, Karolina; Busby, Jeremy Simon; Rashid, Awais.

3rd Workshop on Security Information Workers (WSIW 2017): In conjunction with 13th Symposium on Usable Privacy and Security (SOUPS). USENIX Association, 2017.

Research output: Contribution in Book/Report/Proceedings - With ISBN/ISSNConference contribution/Paperpeer-review

Harvard

Zanutto, A, Shreeve, BO, Follis, K, Busby, JS & Rashid, A 2017, The shadow warriors: in the no man’s land between industrial control systems and enterprise IT systems. in 3rd Workshop on Security Information Workers (WSIW 2017): In conjunction with 13th Symposium on Usable Privacy and Security (SOUPS). USENIX Association. <https://www.usenix.org/conference/soups2017/workshop-program/wsiw2017/zanutto>

APA

Zanutto, A., Shreeve, B. O., Follis, K., Busby, J. S., & Rashid, A. (2017). The shadow warriors: in the no man’s land between industrial control systems and enterprise IT systems. In 3rd Workshop on Security Information Workers (WSIW 2017): In conjunction with 13th Symposium on Usable Privacy and Security (SOUPS) USENIX Association. https://www.usenix.org/conference/soups2017/workshop-program/wsiw2017/zanutto

Vancouver

Zanutto A, Shreeve BO, Follis K, Busby JS, Rashid A. The shadow warriors: in the no man’s land between industrial control systems and enterprise IT systems. In 3rd Workshop on Security Information Workers (WSIW 2017): In conjunction with 13th Symposium on Usable Privacy and Security (SOUPS). USENIX Association. 2017

Author

Zanutto, Alberto ; Shreeve, Benjamin Oliver ; Follis, Karolina ; Busby, Jeremy Simon ; Rashid, Awais. / The shadow warriors : in the no man’s land between industrial control systems and enterprise IT systems. 3rd Workshop on Security Information Workers (WSIW 2017): In conjunction with 13th Symposium on Usable Privacy and Security (SOUPS). USENIX Association, 2017.

Bibtex

@inproceedings{236e33f4a1c7483bb51b4b68fee89a16,
title = "The shadow warriors: in the no man{\textquoteright}s land between industrial control systems and enterprise IT systems",
abstract = "Modern production processes are heavily reliant on industrial control systems (ICS) to help automate large-scale facilities. The security of these systems is paramount as evidenced by high profile attacks such as those against Iran{\textquoteright}s nuclear facilities and the Ukrainian Power Grid. Existing research has largely focused on technical measures against such attacks and little attention has been given to the security challenges and complexities arising from non-technical factors. For instance, cyber security workers need to maintain security whilst satisfying the demands of varied stakeholders such as managers, control engineers, enterprise IT personnel and field site operators. Existing ICS models, such as the Purdue model, tend to abstract away such complexities. In this paper, we report on initial findings from interviews with 25 industry operatives in the UK and Italy. Our analysis shows that the varying demands of various stakeholders in an ICS represent many complexities that we term grey area. Security workers often play the role of shadow warriors tackling the competing and complex demands in these grey areas while protecting themselves, their integrity and credibility.",
author = "Alberto Zanutto and Shreeve, {Benjamin Oliver} and Karolina Follis and Busby, {Jeremy Simon} and Awais Rashid",
year = "2017",
month = jul,
day = "12",
language = "English",
booktitle = "3rd Workshop on Security Information Workers (WSIW 2017)",
publisher = "USENIX Association",

}

RIS

TY - GEN

T1 - The shadow warriors

T2 - in the no man’s land between industrial control systems and enterprise IT systems

AU - Zanutto, Alberto

AU - Shreeve, Benjamin Oliver

AU - Follis, Karolina

AU - Busby, Jeremy Simon

AU - Rashid, Awais

PY - 2017/7/12

Y1 - 2017/7/12

N2 - Modern production processes are heavily reliant on industrial control systems (ICS) to help automate large-scale facilities. The security of these systems is paramount as evidenced by high profile attacks such as those against Iran’s nuclear facilities and the Ukrainian Power Grid. Existing research has largely focused on technical measures against such attacks and little attention has been given to the security challenges and complexities arising from non-technical factors. For instance, cyber security workers need to maintain security whilst satisfying the demands of varied stakeholders such as managers, control engineers, enterprise IT personnel and field site operators. Existing ICS models, such as the Purdue model, tend to abstract away such complexities. In this paper, we report on initial findings from interviews with 25 industry operatives in the UK and Italy. Our analysis shows that the varying demands of various stakeholders in an ICS represent many complexities that we term grey area. Security workers often play the role of shadow warriors tackling the competing and complex demands in these grey areas while protecting themselves, their integrity and credibility.

AB - Modern production processes are heavily reliant on industrial control systems (ICS) to help automate large-scale facilities. The security of these systems is paramount as evidenced by high profile attacks such as those against Iran’s nuclear facilities and the Ukrainian Power Grid. Existing research has largely focused on technical measures against such attacks and little attention has been given to the security challenges and complexities arising from non-technical factors. For instance, cyber security workers need to maintain security whilst satisfying the demands of varied stakeholders such as managers, control engineers, enterprise IT personnel and field site operators. Existing ICS models, such as the Purdue model, tend to abstract away such complexities. In this paper, we report on initial findings from interviews with 25 industry operatives in the UK and Italy. Our analysis shows that the varying demands of various stakeholders in an ICS represent many complexities that we term grey area. Security workers often play the role of shadow warriors tackling the competing and complex demands in these grey areas while protecting themselves, their integrity and credibility.

M3 - Conference contribution/Paper

BT - 3rd Workshop on Security Information Workers (WSIW 2017)

PB - USENIX Association

ER -