| dc.contributor.author | Jaatun, Martin Gilje | |
| dc.contributor.author | Bodsberg, Lars | |
| dc.contributor.author | Grøtan, Tor Olav | |
| dc.contributor.author | Moe, Marie Elisabeth Gaup | |
| dc.date.accessioned | 2020-09-04T11:20:14Z | |
| dc.date.available | 2020-09-04T11:20:14Z | |
| dc.date.created | 2020-07-14T22:47:08Z | |
| dc.date.issued | 2020 | |
| dc.identifier.isbn | 978-0-9932338-5-2 | |
| dc.identifier.uri | https://hdl.handle.net/11250/2676425 | |
| dc.description.abstract | This paper documents the results of an empirical study of cyber incident response readiness in the Norwegian petroleum industry. The study addressed the Computer Emergency Response Team (CERT) capacity among various actors in the industry in handling critical cybersecurity incidents in industrial control and safety systems, with a focus on Operational Technology (OT) systems. The paper presents results from interviews with personnel in petroleum companies as well as interviews with national and international CERT actors. The informants in the petroleum industry are relatively satisfied with their own CERT capacity today, but it is acknowledged that one can always improve. Oil and gas companies and drilling companies share information and experience in various (virtual) meeting places and forums organized by external actors, but there is little focus, especially among the smaller companies, on systematic sharing of information and experiences of cyber incidents. There is a strong need for coordinating and harmonizing cybersecurity in IT and OT systems, as there are significant differences in terminology, maturity of technical solutions and culture today. CERT actors pointed out a need for better communication and contact between CERT actors and key persons within the companies, something that could be accomplished with the establishment of a petroleum sector Information Sharing and Analysis Centre (ISAC). | en_US |
| dc.language.iso | eng | en_US |
| dc.publisher | Institute of Electrical and Electronics Engineers (IEEE) | en_US |
| dc.relation.ispartof | Cyber Science 2020 - Advancing a Multidisciplinary Approach to Cyber Security | |
| dc.relation.uri | https://ieeexplore.ieee.org/document/9138865 | |
| dc.title | An Empirical Study of CERT Capacity in the North Sea | en_US |
| dc.type | Chapter | en_US |
| dc.description.version | acceptedVersion | en_US |
| dc.source.pagenumber | 6-13 | en_US |
| dc.identifier.doi | http://dx.doi.org/10.1109/CyberSecurity49315.2020.9138865 | |
| dc.identifier.cristin | 1819441 | |
| dc.description.localcode | © 2020 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. | en_US |
| cristin.ispublished | true | |
| cristin.fulltext | postprint | |
| cristin.qualitycode | 1 | |
