||Every organization relies on external critical infrastructure, such as transport, power, telecommunications etc. This section provides news and information about governmental and other measures being taken to protect this infrastructure.
Mitigating attacks on industrial control systems: ENISA releases new guidance
The EU’s cyber security agency, ENISA, has provided a new manual for better mitigating attacks on industrial control systems, supporting industrial processes primarily in the area of critical information infrastructure.
•Date: 4th December 2013 • Europe/ UK •Type: Article
Researchers look into removing the Internet’s dependency on servers
Pursuit concept would make the Internet more resilient.
•Date: 1st November 2013 • World •Type: Article
NIST releases Preliminary Cybersecurity Framework
The US Department of Commerce's National Institute of Standards and Technology has released its Preliminary Cybersecurity Framework to help critical infrastructure owners and operators reduce cybersecurity risks in industries such as power generation, transportation and telecommunications.
•Date: 23rd October 2013 • US •Type: Article
‘Securing Power, Utilities, and Other Critical Infrastructure from Growing Cyber Risks’
US critical infrastructure operators are coming under increased pressure to protect their vital systems and assets from outside cyber threats as the number of attacks increase and stronger regulations are imposed, Marsh says in a new report.
•Date: 23rd October 2013 • US •Type: Article
Royal Academy of Engineering report highlights emerging UK power supply risks
Security of supply may be threatened by the winter of 2015/2016.
•Date: 18th October 2013 • UK •Type: Article
Increasing fragility of power supply security means that end users should not expect the future continuity of supply to be guaranteed
According to a Marsh European Power Practice consultant.
•Date: 11th October 2013 • World •Type: Article
‘Climate change will lead to dramatic escalation of disasters’ says UNISDR
Governments need to step up the on-going efforts to ensure that critical infrastructures are protected against extreme weather events.
•Date: 3rd October 2013 • World •Type: Article
Interdependency planning crucial for critical infrastructure protection
Government policy-making must factor in the interdependencies between transport, energy, water, waste and ICT networks if the UK is to have infrastructure that meets the challenges of the 21st century, according to Engineering the Future (EtF) – an alliance of leading engineering bodies.
•Date: 17th July 2013 • UK •Type: Article
BUCOPCI project releases business continuity guidelines
The results of the BUCOPCI (BUsiness COntinuity Planning for Critical Infrastructure) project are now available for download from the BUCOPCI website.
•Date: 10th July 2013 • Europe/ UK •Type: Article
European Parliament passes new cyber attack legislation
Includes new penalties for attacks on critical infrastructure.
•Date: 5th July 2013 • Europe/UK •Type: Article
NIST releases draft outline of Cybersecurity Framework for Critical Infrastructure
Private-sector comments requested.
•Date: 4th July 2013 • US •Type: Article
Ofgem report discusses UK energy related risks
The probability of a supply disruption increases from 1 in 47 years now to around 1 in 12 years for 2015/16.
•Date: 3rd July 2013 • UK •Type: Article
‘A Stronger, More Resilient New York’
On June 11, Mayor Michael Bloomberg publically launched a comprehensive plan to increase the resilience of New York’s critical infrastructure, buildings and communities.
•Date: 13th June 2013 • US •Type: Article
FFIEC forms Cybersecurity and Critical Infrastructure Working Group
Working group to “promote coordination across the federal and state banking regulatory agencies on critical infrastructure and cybersecurity issues.”
•Date: 7th June 2013 • US •Type: Article
NIST publishes initial analysis of Cybersecurity Framework for Critical Infrastructure comments
The US National Institute of Standards and Technology has posted an initial analysis of hundreds of comments submitted by industry and the public related to President Obama's ‘Improving Critical Infrastructure Cybersecurity Executive Order.'
•Date: 22nd May 2013 • US •Type: Article
Protecting networked control systems from cyber-attack
Researchers from North Carolina State University have developed a software algorithm that detects and isolates cyber-attacks on networked control systems.
•Date: 15th May 2013 • US/World •Type: Article
Critical infrastructure providers need to consider smart meters attack risks
Smart meters set to increase the risk of wireless attacks aimed at SCADA, BMS and PLC systems using SDR equipment.
•Date: 23rd April 2013 • UK/World •Type: Article
Department of Homeland Security outlines Fiscal Year 2014 budget request
US Secretary of Homeland Security Janet Napolitano has unveiled the Department of Homeland Security’s fiscal year 2014 budget request of $39.0 billion in net discretionary funding.
•Date: 11th April 2013 • US •Type: Article
NIST seeks input for Cybersecurity Framework for Critical Infrastructure
US National Institute of Standards and Technology seeks cybersecurity views and ideas.
•Date: 5th March 2013 • US •Type: Article
New Presidential Policy Directive aims at improving the security of US critical infrastructure
PPD-21: Critical Infrastructure Security and Resilience.
•Date: 14th Feb 2013 • US •Type: Article
United Nations GAR13 report expected to drive ‘a paradigm shift’ in business continuity planning
Latest United Nations Global Assessment Report on Disaster Risk Reduction report aims to encourage businesses to fully integrate business continuity as a core business discipline.
•Date: 14th Feb 2013 • World •Type: Article
Critical infrastructure protection: understanding the need to boost security defences in the UK energy sector
Calum MacLeod explains why there is a pressing need to implement robust encryption key and digital certificate management on national energy grids.
•Date: 31st Jan 2013 • UK •Type: Article
EU project aims to produce transport-sector business continuity guidance by July 2013
The 612,000 euro BUCOPCI project is being coordinated by Isdefe (Systems Engineering for the Defence of Spain).
•Date: 23rd Jan 2013 • Europe •Type: Article
By 2016 public cloud infrastructure will be a mandated aspect of critical national infrastructure in the United States
According to Gartner predictions.
•Date: 23rd Jan 2013 • US •Type: Article
ENISA releases first annual report of major cyber incidents in the EU
51 severe outages reported over 2011.
•Date: 16th Oct 2012 • Europe/UK •Type: Article
US National Governors Association launches Resource Center for State Cybersecurity
Project will examine the role state policy can and should play in ensuring adequate cybersecurity for state-owned and state-based infrastructure.
•Date: 4th Oct 2012 • US •Type: Article
US National Science Foundation invests $50 million in research to secure cyberspace
Grant awards aim to improve the resilience of operating systems, software, hardware and critical infrastructure.
•Date: 2nd Oct 2012 • US •Type: Article
National infrastructure protection: emerging technologies
The UK Centre for the Protection of National Infrastructure (CPNI) has published a document which aims to start discussions on emerging technologies that are likely to impact on cyber security.
US experts make predictions about future homeland security threats
Cyber-based critical infrastructure attacks seen as top threat.
Homeland Security and Governmental Affairs Committee chairman urges floor vote on cybersecurity legislation
Urgent action is required to protect US national and economic security.
US Senate committee leaders introduce cyber-security legislation
Lieberman, Collins, Rockefeller and Feinstein introduce bipartisan, Bill to secure Fed and critical private sector cyber systems.
European Parliament committee backs plan to strengthen EU defences against cyber-attacks
A draft law to strengthen the European Network and Information Security Agency (ENISA) has been approved by European Parliament Industry, Research and Energy Committee MEPs.
Ability of G20 Nations to withstand cyber attacks benchmarked
A benchmarking study has found that the United Kingdom and the United States lead the rest of the G20 countries in their ability to withstand cyber attacks.
•Date: 17th January 2012 • Various •Type: Article
Comment on the UK Cyber Security Strategy
Amichai Shulman gives some personal reflections on the new Cyber Security Strategy’s strengths and weaknesses.
•Date: 2nd December 2011 • Region: UK •Type: Article
The UK Cyber Security Strategy
The UK government has set out a roadmap for improving the UK cyber security through to 2015.
•Date: 29th November 2011 • Region: UK •Type: Article
Cyprus and Luxembourg failing in protection of critical infrastructure
Two EU countries do not live up to European standards in identifying their critical infrastructure, says the European Commission.
Critical infrastructure providers surveyed
Private sector providers are less aware and engaged in government critical infrastructure protection programs than they were in 2010.
UK Cabinet Office publishes new guidance on critical infrastructure resiliency
Includes sections on resiliency planning and business continuity management.
•Date: 25th October 2011 • Region: UK •Type: Article
‘Cooperative Models for Effective Public Private Partnerships’
A new guide with 36 recommendations for building effective public and private partnerships for resilient IT security has been launched by ENISA.
Private sector is endangering national cyber security: UK report
The UK's critical national infrastructure is at huge risk of attack and the companies that own it must take greater responsibility in securing their systems.
•Date: 16th September 2011 • Region: UK/World •Type: Article
US power outage illustrates wider critical infrastructure threats
If a single employee’s mistake, with just one piece equipment, can have such a devastating consequence on what is national critical infrastructure, then what does this tell us about security, change management, and of course, business continuity? By Professor John Walker.
Critical infrastructure: time to begin anticipating and adapting to climate change
Despite the uncertainties surrounding climate change, it is time to start developing effective strategies that will keep critical infrastructure running in the face of the adverse impacts that seem increasingly likely to occur.
•Date: 23rd August 2011 • Region: US •Type: Article
GAO reports on critical infrastructure protection and cybersecurity
‘Cybersecurity: Continued Attention Needed to Protect Our Nation's Critical Infrastructure’: GAO-11-865T.
•Date: 27th July 2011 • Region: US •Type: Article
‘Understanding the Risks, Empowering Communities, Building Resilience: National flood and coastal erosion risk management strategy for England’
New document provides a summary of the national flood and coastal erosion risk management strategy.
•Date: 21st July 2011 • Region: UK •Type: Article
DOD details how the US military will operate in cyberspace
Military to take an active role in protecting US organizations and critical infrastructure from cyberattacks.
•Date: 15th July 2011 • Region: US •Type: Article
Protecting the UK’s smart grids
Future critical infrastructure threats addresses in Energy Networks Association report.
•Date: 1st July 2011 • Region: UK •Type: Article
‘Active self-defense strategy’ is the best deterrent against cyber-attacks
Law professor Jay P. Kesan warns that an active self-defense regime is a necessity in cyberspace, especially to protect critical infrastructure.
•Date: 29th June 2011 • Region: US •Type: Article
Final version of industrial control systems security guide published by NIST
Provides specific guidance on how to reduce the vulnerability of critical infrastructure to malicious attacks, equipment failures, and other threats to the operation and reliable performance of underpinning control systems.
•Date: 22nd June 2011 • Region: US/World •Type: Article
Energy security risks mapped
France, Germany, Italy, Japan, UK and USA rated ‘high risk’ for short-term energy security – Canada most secure: Maplecroft report.
•Date: 3rd June 2011 • Region: World •Type: Article
National Risk Management preparedness: guidelines for critical information infrastructure governance
‘ENISA ad hoc Working Group on National Risk Management Preparedness: Consolidated Report.’
•Date: 20th May 2011 • Region: UK/Europe •Type: Article
New approach to UK flood protection could leave critical infrastructure vulnerable
Warning issued by the Institution of Civil Engineers.
•Date: 19th May 2011 • Region: UK •Type: Article
New report looks at Internet resilience
‘Inter‐X: Resilience of the Internet Interconnection Ecosystem’ looks at current and future resiliency risks and possible solutions.
•Date: 5th May 2011 • Region: Europe / UK •Type: Article
Implementation of US National Terrorism Advisory System announced
Secretary of Homeland Security Janet Napolitano has announced the implementation of the Department of Homeland Security’s National Terrorism Advisory System (NTAS).
•Date: 21st April 2011 • Region: US •Type: Article
Presidential Policy Directive gives 60-day deadline for US national preparedness goal and national preparedness system implementation plan
President Obama has signed a new Presidential Policy Directive: PPD-8.
•Date: 20th April 2011 • Region: US •Type: Article
Volcanic ash disruption: one year on and European Commission issues crisis preparedness update
Highlights measures taken to prepare for a similar event in future.
•Date: 13th April 2011 • Region: UK/Europe •Type: Article
Secretary Napolitano has continued to progress the DHS global supply chain security initiative.