Cyber Resilience in Critical Infrastructure 9781032583051, 9781032583068, 9781003449522
This book investigates Cyber Resilience in Critical Infrastructure and introduces 49 case studies from various parts of
138 57 4MB
English Pages 275 Year 2023
Table of contents :
Cover
Half Title
Title Page
Copyright Page
Table of Contents
Acknowledgements
About the Authors
Preface
1 Critical Infrastructure and Cyber Resilience Frameworks
1.1 Cyber Resilience Framework Overview
1.1.1 Governance and Management
1.1.2 Identify
1.1.3 Protect
1.1.4 Detect
1.1.5 Respond
1.1.6 Recover
1.2 Identify Critical Assets, Systems, and Data
1.2.1 Methods for Identifying
1.2.2 Identify Process Based on FMI Example
1.2.2.1 Development
1.2.2.2 Advancement
1.2.2.3 Innovation
1.3 Protect Critical Infrastructure Services
1.3.1 Enhancement of the Protection of Critical Infrastructure
1.3.2 Zero-Trust Approach
1.3.3 Protect Process Based on FMI Example
1.4 Detect Suspected Data Breaches or Leaks
1.4.1 Methods for Detecting
1.4.2 Detection Process
1.4.3 Detect Process Based on FMI Example
1.5 Respond to a Detected Security Breach
1.5.1 Incident Response Teams
1.5.2 Response Plan
1.5.3 Common Sorts of Cyberattacks
1.5.3.1 Insider Attacks
1.5.3.2 Social Engineering
1.5.3.3 Malware Attacks
1.5.4 Response Types
1.5.4.1 Technical Response
1.5.4.2 Management Response
1.5.4.3 Communications Response
1.5.4.4 Legal Response
1.5.5 Incident Response Lifecycle
1.5.5.1 Preparation
1.5.5.2 Detection
1.5.5.3 Containment, Eradication, and Recovery
1.5.5.4 Post-Incident Activity
1.6 Recover to Restore During a Cybersecurity Incident
1.6.1 Determining a Recovery Strategy
1.6.1.1 Hot Site
1.6.1.2 Cold Site
1.6.1.3 Warm Site
1.6.1.4 Defining RPO and RTO
1.6.2 Recovery Plan Creation
1.6.2.1 Possible Effective Solutions for Incidents
1.6.2.2 Identify and Evaluate
1.6.2.3 Create
1.6.2.4 Training & Development
1.6.2.5 Additional Suggestions
1.6.3 Plan Testing
1.7 Other Frameworks
1.7.1 Center for Internet Security (CIS) Critical Security Controls
1.7.2 The Center on Local Government Research Framework
1.7.3 ISO 27001 and ISO 27002 (International Organisation for Standardisation)
1.7.4 Payment Card Industry Data Security Standard (PCI DSS)
1.7.5 Less commonly Used Frameworks
1.7.5.1 Control Objectives for Information Technology (COBIT)
1.7.5.2 Health Information Trust Alliance Cybersecurity Framework (HITRUST CSF)
1.7.5.3 Cybersecurity Maturity Model Certification (CMMC)
1.7.5.4 Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM)
References
2 Emergency Services Sector
2.1 What is Emergency Services as an Infrastructure?
2.2 Why are Emergency Services Important?
2.3 Key Players and Stakeholders
2.4 Cyber Resilience in Emergency Services Infrastructure
2.5 Case Studies
2.5.1 Case 1: BlueLeaks
2.5.2 Case 2: Baltimore's Emergency System
2.5.3 Case 3: DC Metropolitan Police Department
2.5.4 Case 4: AAA Ambulance Service
References
3 Energy Sector
3.1 What is Energy as an Infrastructure?
3.2 Why is Energy Infrastructure Important?
3.3 Key Players and Stakeholders
3.4 Cyber Resilience in Energy Infrastructure
3.5 Case Studies
3.5.1 Case 1: Stuxnet Attack
3.5.2 Case 2: The Shamoon Malware
3.5.3 Case 3: Colonial Pipeline
3.5.4 Case 4: Oiltanking Deutschland Attack
3.5.5 Case 5: Ukrainian Power Grid Hack
3.5.6 Case 6: COPEL and Eletrobras Cyberattack
References
4 Finance Sector
4.1 What is Finance as an Infrastructure?
4.2 Why is Finance Infrastructure Important?
4.3 Key Players and Stakeholders
4.4 Cyber Resilience in Finance Infrastructure
4.5 Case Studies
4.5.1 Case 1: Bitmart
4.5.2 Case 2: Coinbase
4.5.3 Case 3: DAO Hack
4.5.4 Case 4: Wormhole Token Hack
4.5.5 Case 5: EnergoBank
4.5.6 Case 6: Robinhood Data Breach
4.5.7 Case 7: Diebold Nixdorf
References
5 Food Sector
5.1 What is Food as an Infrastructure?
5.2 Why is Food Infrastructure Important?
5.3 Key Players and Stakeholders
5.4 Cyber Resilience in Food Infrastructure
5.5 Case Studies
5.5.1 Case 1: JBS
5.5.2 Case 2: Schreiber Foods
5.5.3 Case 3: JFC International
5.5.4 Case 4: Harvest Sherwood Food Distributors
5.5.5 Case 5: Crystal Valley Cooperation
References
6 Government Sector
6.1 What is Government as an Infrastructure?
6.2 Why is Government Infrastructure Important?
6.3 Key players and Stakeholders
6.4 Cyber Resilience in Government Infrastructure
6.5 Case Studies
6.5.1 Case 1: SolarWinds
6.5.2 Case 2: 2016 Clinton Campaign Data Leak
6.5.3 Case 3: Bundestag Hack
6.5.4 Case 4: Aadhaar Hack
References
7 Healthcare Sector
7.1 What is Healthcare as an Infrastructure?
7.2 Why is Healthcare Infrastructure Important?
7.3 Key Players and Stakeholders
7.4 Cyber Resilience in Healthcare Infrastructure
7.5 Case Studies
7.5.1 Case 1: Magellan Health
7.5.2 Case 2: United Healthcare Services
7.5.3 Case 3: Broward Health
7.5.4 Case 4: Boston Children's Hospital
7.5.5 Case 5: Texas Hospital Network
References
8 Telecommunications Sector
8.1 What is Telecommunication as an Infrastructure?
8.2 Why is Telecommunication Infrastructure Important?
8.3 Key Players and Stakeholders
8.4 Cyber Resilience in the Telecommunication Infrastructure
8.5 Case Studies
8.5.1 Case 1: Nortel Networks Corporation
8.5.2 Case 2: T-Mobile
8.5.3 Case 3: NTT Communications Corporation
8.5.4 Case 4: LightBasin
8.5.5 Case 5: Syniverse
8.5.6 Case 6: Orange SA
8.5.7 Case 7: Telefonica
8.5.8 Case 8: Verizon
References
9 Transportation Sector
9.1 Aviation Transport
9.1.1 What is Aviation as an Infrastructure?
9.1.2 Why is Aviation Infrastructure Important?
9.1.3 Key Players and Stakeholders in Aviation
9.2 Maritime Transport
9.2.1 What is Maritime Transportation as an Infrastructure
9.2.2 Why is Maritime Transportation Important?
9.2.3 Key Players and Stakeholders in Maritime Transportation
9.3 Road Transport
9.3.1 What is Road Transportation as an Infrastructure?
9.3.2 Why is Road Transportation Important?
9.3.3 Key Players and Stakeholders in Road Transportation
9.4 Rail Transportation
9.4.1 What is Rail Transportation as an Infrastructure?
9.4.2 Why is Rail Transportation Important?
9.4.3 Key Players and Stakeholders in Rail Transportation
9.5 Cyber Resilience in Transport Infrastructure
9.6 Case Studies
9.6.1 Case 1: Transnet
9.6.2 Case 2: Port of Antwerp
9.6.3 Case 3: Rotterdam Port
9.6.4 Case 4: San Francisco Municipal Transport Agency
9.6.5 Case 5: WannaCry Ransomware Attack
9.6.6 Case 6: Cathay Pacific Airways Cyberattack
References
10 Water Sector
10.1 What is Water as an Infrastructure?
10.2 Why is Water Infrastructure Important?
10.3 Key Players and Stakeholders
10.4 Cyber Resilience in Water Infrastructure
10.5 Case Studies
10.5.1 Case 1: Maroochy Municipal Sewage System
10.5.2 Case 2: Florida, Oldsmar Water Utility System
10.5.3 Case 3: Key Largo Wastewater Treatment District
10.5.4 Case 4: Bowman Avenue Dam
10.5.5 Case 5: North Carolina Onslow Water and Sewer Authority
References
11 Conclusion
Index
![Countering Cyber Threats to Financial Institutions: A Private and Public Partnership Approach to Critical Infrastructure Protection [1st ed.]
9783030540531, 9783030540548](https://dokumen.pub/img/200x200/countering-cyber-threats-to-financial-institutions-a-private-and-public-partnership-approach-to-critical-infrastructure-protection-1st-ed-9783030540531-9783030540548.jpg)
![Optimizing Community Infrastructure: Resilience in the Face of Shocks and Stresses [1 ed.]
0128162406, 9780128162408](https://dokumen.pub/img/200x200/optimizing-community-infrastructure-resilience-in-the-face-of-shocks-and-stresses-1nbsped-0128162406-9780128162408.jpg)
