Cyber Situational Awareness in Critical Infrastructure Organizations

Abstract

The capability related to cybersecurity plays an ever-growing role on overall national security and securing the functions vital to society. The national cyber capability is mainly composed by resilience of companies running critical infrastructures and their cyber situational awareness (CSA). According to a common view, components of critical infrastructures become more complex and interdependent on each other and, as a consequence, ramifications of incidents multiply. In practice, the actions relate to developing better CSA and understanding of a critical infrastructure organization. The aim is to prepare for incidents and their management in a whole-of-society approach. The arrangement is based on drawing correct situation-specific conclusions and, when needed, on sharing critical knowledge in the cyber networks of society. The target state is achieved with an efficient process that includes a three-leveled (strategic, operational and technical/tactical) operating model related to the organization’s decision-making. The cyber environment is dynamic and hence especially the strategic agility is required when preparing for incidents. The pervasive incidents targeting society are a challenging cyber environment when it comes to the critical reaction speed required by the situation management.