Cybersecurity Self-assessment Tools: Evaluating the Importance for Securing Industrial Control Systems in Critical Infrastructures
Authors: | Dimitris Gritzalis, Georgia Lykou, Argiro Anagnostopoulou, George Stergiopoulos |
---|---|
Year of publication: | 2018 |
Subject: |
Self-assessment
Strategic defence & security studies; Computer science; Other engineering and technologies; Critical infrastructure protection; Engineering and technology; Industrial control system; Environmental sciences; Computer security; Security awareness; Natural sciences; Resilience (organizational); Risk appetite; Risk assessment; Risk management; Earth and related environmental sciences |
Source: | Critical Information Infrastructures Security, ISBN: 9783030058487, CRITIS |
DOI: | 10.1007/978-3-030-05849-4_10 |
Description: | Periodically assessing the security status of Industrial Control Systems (ICS) is essential to enable cybersecurity compliance and performance evaluation against an organization’s risk appetite. Ensuring an appropriate security level is especially important in Critical Infrastructures (CI). Existing cybersecurity risk management methodologies provide frameworks through which CI stakeholders can enhance security and better protect their assets against cybersecurity risks. Following traditional risk assessment procedures, a self-assessment tool can help an organization build up knowledge and security awareness and check implemented cybersecurity practices and responsibilities. Such methods and tools, when systematically implemented, can identify security weaknesses, establish cybersecurity targets and improve resilience. This paper aims to provide a review and analysis of available cybersecurity self-assessment tools, which can be used by ICS owners and CI operators. We also focus on content analysis of the questionnaires used in these self-assessment tools, with the purpose of classifying question content according to the core functions of the NIST Cybersecurity Framework. |
Database: | OpenAIRE |