The Importance of Cybersecurity Governance Model in Operational Technology Environments
Simola, J., Takala, A., Lehkonen, R., Frantti, T., & Savola, R. (2024). The Importance of Cybersecurity Governance Model in Operational Technology Environments. In M. Lehto, & M. Karjalainen (Eds.), Proceedings of the 23rd European Conference on Cyber Warfare and Security (23, pp. 506-515). Academic Conferences International Ltd. Proceedings of the European Conference on Cyber Warfare and Security. https://doi.org/10.34190/eccws.23.1.2272
Date
2024Copyright
© 2024 European Conference on Cyber Warfare and Security
There is a common will to unify regulation in the Western world regarding overall security, including cybersecurity. European cyber security regulations aim to create a foundation and guidelines for international standards in various industries and the operation of critical infrastructure. Protected critical infrastructure is a common goal for Western allies. Allies of NATO and EU member states mainly support the anti-aggression policy in Europe. The unstable situation in the world forces states to find solutions that represent the thoughts of the allies. Defending common values is crucial when the purpose is to protect critical infrastructure and vital functions in societies. The research will demonstrate the industrial needs of IT/OT-related cybersecurity governance. The study analyzes EU-level cybersecurity requirements and how those requirements affect standardization regarding cybersecurity governance in the operational technology environment. There will be four primary governance levels: Political, Strategical, Operational and Tactical. Many criminal state-linked operators do not care about international agreements or contracts. Some rogue states have even taken to inciting violations of international agreements. We cannot trust the loose contracts between states anymore. The research will find the main challenges concerning the cybersecurity governance of the industrial organizations that use operational technology-related technology in their daily businesses. We have seen that Information and Operational Technology are based on something other than similar threats and risk basements. Operational Technology-related threats threaten the cyber-physical ecosystem where anomalies affect the physical world, so operational functions of equipment, devices, sensors, components, and production lines are interrupted. As a result, continuity management and supply chain management are compromised. The study's primary purpose is to describe the cybersecurity governance elements of the OT environment for enhancing situational awareness. Standardizing the cybersecurity level among industrial stakeholders requires EU member states to have a national cybersecurity strategy that follows main EU-level guidelines. Despite the EU member states' implementation level of the regulation, the EU-level cybersecurity requirements obligate companies to take steps to solve future cybersecurity challenges.
...
Publisher
Academic Conferences International LtdConference
European Conference on Cyber Warfare and SecurityIs part of publication
Proceedings of the 23rd European Conference on Cyber Warfare and SecurityISSN Search the Publication Forum
2048-8602Keywords
Publication in research information system
https://converis.jyu.fi/converis/portal/detail/Publication/220823484
Metadata
Show full item recordCollections
Related funder(s)
Business FinlandFunding program(s)
Co-Innovation, BFAdditional information about funding
The research was supported by Business Finland (grant number 10/31/2022) and the University of Jyväskylä.License
Related items
Showing items with similar title or keywords.
-
Information Security Governance in Civil Aviation
Salmenpää, Tomi (Springer, 2022)This chapter focuses mainly to proactive means in information security and more specifically governance of information security in civil aviation. The reason is that, to find sustainable, coherent and holistic way to ... -
Validation of Sensor Data Integrity in OT Environments Through Multisource Data Sensors
Simola, Jussi; Takala, Arttu; Lehkonen, Riku; Frantti, Tapio; Savola, Reijo (Academic Conferences International Ltd, 2024)This research paper focuses on detecting cyber threats from the OT environment by combining data from multiple sources. Monitoring cyber security or hybrid threats in an industrial OT environment is difficult due to different ... -
Developing Cybersecurity in an Industrial Environment by Using a Testbed Environment
Simola, Jussi; Savola, Reijo; Frantti, Tapio; Takala, Arttu; Lehkonen, Riku (Academic Conferences International, 2023)Critical infrastructure protection requires a testing environment that allows the testing of different kinds of equipment, software, networks, and tools to develop vital functions of the critical industrial environment. ... -
Information Security Risk Assessments following Cybersecurity Breaches : The Mediating Role of Top Management Attention to Cybersecurity
Shaikh, Faheem Ahmed; Siponen, Mikko (Elsevier, 2023)Information Systems (IS) research on managerial response to cybersecurity breaches has largely focused on externally oriented actions such as customer redressal and crisis response. Within the firm itself, a breach may be ... -
The Impact of Operational Technology Requirements in Maritime Industries
Simola, Jussi; Paavola, Jarkko; Satopää, Piia; Vanharanta, Jani (Academic Conferences International Ltd, 2024)The maritime ecosystem and industry require more efficient and coordinated cybersecurity governance. No common cybersecurity mechanism in the maritime sector may steer the whole supply chain management, for example, in the ...