484,694 research outputs found

    Using Knowledge Management to Strengthen Information Security Policy Development in Developing Countries: Case - Jamaica

    Information security incidents continue to grow exponentially amidst the development of advanced technological solutions aimed at protecting information system resources. Today, the growth in information systems’ breaches remains at an alarming rate. The strategies developed by malicious users are becoming more sophisticated in nature and are introduced unabated across various networks. However, security experts and developers are lagging behind in their response to the information security phenomenon. Today, developing countries continue struggling to effectively address information security issues and are becoming the main avenue for cyber criminals who capitalize on the weaknesses that exist in these regions. An effective response to information security requires a significant amount of resources. In developing countries there are limited human, financial and technological resources and weak legislative frameworks and these are fundamental requirements for combating cyber-crime. One major cyber-crime incident could be catastrophic for businesses and governments in these small, fragile economies and could have far reaching effects on their citizens. Knowledge management can be employed to assist in strengthening the capability of organizations and governments in the development of context-sensitive information security policies in developing regions. In this paper we present a knowledge acquisition model that brings together the two most widely adopted standards COBIT, ISO/IEC 27005 and tacit knowledge that exists in repositories (human) within the information security domain to support the development of context-sensitive information security policies. A quantitative methodology was used in the development of an artifact, preliminary evaluation was done using the informed argument approach and results and recommendations for future research are presented. 
    This study can add to the limited literature on the use of knowledge management in the information security domain and the artifact presented can assist information security practitioners in small/medium-sized organizations

    Evaluation of Open Source SIEM for Situation Awareness Platform in the Smart Grid Environment

    The smart grid as a large-scale system of systems has an exceptionally large surface exposed to cyber-attacks, including highly evolved and sophisticated threats such as Advanced Persistent Threats (APT) or Botnets. When addressing this situation the usual cyber security technologies are prerequisite, but not sufficient. The smart grid requires developing and deploying an extensive ICT infrastructure that supports significantly increased situational awareness and enables detailed and precise command and control. The paper presents one of the studies related to the development and deployment of the Situation Awareness Platform for the smart grid, namely the evaluation of open source Security Information and Event Management systems. These systems are the key components of the platform

    Information Security Management Based on Intelligent Technologies

    The analysis of information and telecommunication networks of new generation is shown in the article. It is proved that security in the ITN has significant differences from the security-specific information in any specified system. Creation of security in ITN, oriented to work with incomplete or fuzzy initial information, uncertainty of external influences and environmental performance, requires the involvement of non-traditional approaches to safety management in ITN using methods and techniques of artificial intelligence. The aim of research was developing the scientific bases of situational safety management in ITN on the base of intelligent technologies. The generalized structure of intelligent security management is given. The structure of neural evaluation of the safety in ITN is presented and the principle of operation is described. The research results can be used by specialists in the field of security of information and telecommunication systems and networks. The developed basis of situational safety management in the ITN can be taken into account in the developing of advanced safety systems in ITN on the base of intelligent technologies.

    Network and System Management for the Security Monitoring of Microgrids using IEC 62351-7

    Interest in adding renewable energy sources to the power grid has risen substantially in recent years. As a response to this growing interest, the deployment of microgrids capable of integrating renewable energy has become more widespread. Microgrids are independent power systems that deliver power from different kinds of Distributed Energy Resources (DERs) to local energy consumers more efficiently than the conventional power grid. The microgrid leverages advanced information and communication technologies for vital protection, monitoring, and control operations as well as for energy management. With the use of information technology comes the need to protect the microgrid information layer from cyberattacks that can impact critical microgrid power operations. In this research, a security monitoring system to detect cyberattacks against the microgrid, in near-real time, is designed and implemented. To achieve this, the system applies Network and System Management (NSM) for microgrid security monitoring, as specified by the IEC 62351-7 security standard for power systems. The specific contributions of this research are (i) an investigation on the suitability of NSM for microgrid security monitoring; (ii) the design and implementation of an NSM platform; (iii) the design and implementation of a security analytics framework for NSM based on deep learning models; (iv) the elaboration of a comprehensive microgrid simulation model deployed on a Hardware in the Loop (HIL) co-simulation framework; and (v) an experimental evaluation on the effectiveness and scalability of the NSM security monitoring platform for detection against microgrid attack scenarios, with a methodology being used to systematically generate the scenarios. The experimental results validate the usefulness of NSM in detecting attacks against the microgrid

    Modelling of Fuzzy Expert System for an Assessment of Security Information Management System UIS (University Information System)

    Several methodologies based on the international standard ISO/IEC 27001 have been developed for modelling information security management systems within higher education. This paper transformed the ISO/IEC 27001 standard into a questionnaire, which was sent digitally to about 100 universities in Bosnia and Herzegovina, and to the EU, Norway and the USA. The questions are arranged by levels, and the levels have their numerical weights, derived from individual questions in the levels themselves. Otherwise, the questions are asked with Yes or No and thus are reduced to binary variables. The rules necessary for the functioning of the system have been calculated. The fuzzy logic method represents a new approach to the problems of managing complex systems, which is very difficult to describe with a certain mathematical model, as well as in systems with a large number of inputs and outputs where there are unclear interactions. Risk assessment is a major part of the ISMS process. Traditional risk calculation models are based on the application of probability and classical set theory. Here, we have converted the risk assessment into a system rating of 5 to 10 numerically or from five to ten descriptively. We perform fuzzy optimization by finding the values of the input parameters of a complex simulated system, which results in the desired output. We use the fuzzy logic controller to execute fuzzy inference rules from the fuzzy rule database in determining congestion parameters, obtaining warning information and appropriate action. Simulating the situation of an advanced system that evaluates the protection quality of such a system with fuzzy logic, we use MATLAB. The paper combines the original Visual Basic programming language and MATLAB's Fuzzy Toolbox, to solve the complex problem of assessing compliance with the ISO/IEC 27001 standard, as one of the main standards for information systems security modelling. University information systems were used, but it is also applicable to all other information systems. The evaluation has been done for several universities and it has been proven that the system evaluates correctly, but these universities must not be publicly named. There was no such approach in the use of fuzzy logic and on such systems, and that is the originality of this work

    Trust Management Model for Cloud Computing Environment

    Software as a service or (SaaS) is a new software development and deployment paradigm over the cloud and offers Information Technology services dynamically as "on-demand" basis over the internet. Trust is one of the fundamental security concepts on storing and delivering such services. In general, trust factors are integrated into such existent security frameworks in order to add a security level to entities collaborations through the trust relationship. However, deploying trust factor in the secured cloud environment are more complex engineering task due to the existence of heterogeneous types of service providers and consumers. In this paper, a formal trust management model has been introduced to manage the trust and its properties for SaaS in cloud computing environment. The model is capable to represent the direct trust, recommended trust, reputation etc. formally. For the analysis of the trust properties in the cloud environment, the proposed approach estimates the trust value and uncertainty of each peer by computing decay function, number of positive interactions, reputation factor and satisfaction level for the collected information. Comment: 5 Pages, 2 Figures, Conferenc

    Emergency Management Training and Exercises for Transportation Agency Operations, MTI Report 09-17

    Training and exercises are an important part of emergency management. Plans are developed based on threat assessment, but they are not useful unless staff members are trained on how to use the plan, and then practice that training. Exercises are also essential for ensuring that the plan is effective, and outcomes from exercises are used to improve the plan. Exercises have been an important part of gauging the preparedness of response organizations since Civil Defense days when full-scale exercises often included the community. Today there are various types of exercises that can be used to evaluate the preparedness of public agencies and communities: seminars, drills, tabletop exercises, functional exercises, facilitated exercises and full-scale exercises. Police and fire agencies have long used drills and full-scale exercises to evaluate the ability of staff to use equipment, protocols and plans. Transit and transportation agencies have seldom been included in these plans, and have little guidance for their participation in the exercises. A research plan was designed to determine whether urban transit systems are holding exercises, and whether they have the training and guidance documents that they need to be successful. The main research question was whether there was a need for a practical handbook to guide the development of transit system exercises

    STOP-IT: strategic, tactical, operational protection of water infrastructure against cyberphysical threats

    Water supply and sanitation infrastructures are essential for our welfare, but vulnerable to several attack types facilitated by the ever-changing landscapes of the digital world. A cyber-attack on critical infrastructures could for example evolve along these threat vectors: chemical/biological contamination, physical or communications disruption between the network and the supervisory SCADA. Although conceptual and technological solutions to security and resilience are available, further work is required to bring them together in a risk management framework, strengthen the capacities of water utilities to systematically protect their systems, determine gaps in security technologies and improve risk management approaches. In particular, robust adaptable/flexible solutions for prevention, detection and mitigation of consequences in case of failure due to physical and cyber threats, their combination and cascading effects (from attacks to other critical infrastructure, i.e. energy) are still missing. There is (i) an urgent need to efficiently tackle cyber-physical security threats, (ii) an existing risk management gap in utilities’ practices and (iii) an un-tapped technology market potential for strategic, tactical and operational protection solutions for water infrastructure: how the H2020 STOP-IT project aims to bridge these gaps is presented in this paper. Postprint (published version