Vis enkel innførsel

dc.contributor.authorGnanasekaran, Vahiny
dc.contributor.authorBartnes, Maria
dc.contributor.authorGrøtan, Tor Olav
dc.contributor.authorHeegaard, Poul Einar
dc.date.accessioned2024-11-04T14:18:45Z
dc.date.available2024-11-04T14:18:45Z
dc.date.created2024-05-30T15:29:52Z
dc.date.issued2024
dc.identifier.citation2024 ACM/IEEE 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) and 2024 IEEE/ACM Second International Workshop on Software Vulnerability (EnCyCriS/SVM '24)en_US
dc.identifier.isbn979-8-4007-0565-6
dc.identifier.urihttps://hdl.handle.net/11250/3163255
dc.description.abstractThe number of significant cyberattacks targeted by national state actors is growing in critical infrastructure. Companies rely on detecting and responding appropriately to such attacks by practicing and developing procedures for the cyber-incident response. This paper presents the findings from seven semi-structured interviews to identify distinct practices, challenges, and roles regarding cyber-incident response in the petroleum industry. The literature has previously addressed specific IT, security, or Operational Technology (OT) teams only, but has not considered the holistic view of cyber-incident response in industrial control systems between internal roles, and external actors, such as Security Operations Centers, Computer Security Incident Response Teams, emergency response teams, and on-site personnel. To address this, a novel framework for empirical inquiry consisting of document analysis, and workshops as preparation for interviews, were conducted. The stakeholder diagram displays the most relevant incident response roles and a list of current challenges extracted from the interviews. Future research should consider extending the sample, and include other, organizational and procedural factors.en_US
dc.language.isoengen_US
dc.publisherACM - Association for Computing Machineryen_US
dc.relation.ispartof2024 ACM/IEEE 4th International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS) and 2024 IEEE/ACM Second International Workshop on Software Vulnerability (EnCyCriS/SVM '24)
dc.rightsNavngivelse 4.0 Internasjonal*
dc.rights.urihttp://creativecommons.org/licenses/by/4.0/deed.no*
dc.titleCyber-incident Response in Industrial Control Systems: Practices and Challenges in the Petroleum Industryen_US
dc.title.alternativeCyber-incident Response in Industrial Control Systems: Practices and Challenges in the Petroleum Industryen_US
dc.typeChapteren_US
dc.description.versionpublishedVersionen_US
dc.identifier.doi10.1145/3643662
dc.identifier.cristin2272238
dc.relation.projectNorges forskningsråd: 326717en_US
cristin.ispublishedfalse
cristin.fulltextpostprint


Tilhørende fil(er)

Thumbnail

Denne innførselen finnes i følgende samling(er)

Vis enkel innførsel

Navngivelse 4.0 Internasjonal
Med mindre annet er angitt, så er denne innførselen lisensiert som Navngivelse 4.0 Internasjonal