Critical Information Infrastructure Protection

Exam paper for second semester: Critical Information Infrastructure Protectio

Australian commercial-critical infrastructure management protection

Secure management of Australia\u27s commercial critical infrastructure presents ongoing challenges to owners and the government. Although managed via a high-level information sharing collaboration of government and business, critical infrastructure protection is further complicated by the lack of a lower-level scalable model exhibiting its various levels, sectors and sub-sectors. This research builds on the work of Marasea (2003) to establish a descriptive critical infrastructure model and also considers the influence and proposed modelling of critical infrastructure dependency inter-relationships.<br /

Commercial critical systems and critical infrastructure protection : a future research agenda

Secure management of Australia&rsquo;s commercial critical infrastructure presents ongoing challenges to owners and the government. Although it is currently managed through high-level information sharing via collaboration, but does this suit the commercial sector. One of the issues facing Australia is that the majority of critical infrastructure resides under the control of the business sector and certain aspects such of the critical infrastructure such as Supply Chain Management (SCM) systems are distributed entities and not a single entity. The paper focuses upon the security issues associated with SCM systems and critical infrastructure protection.<br /

Critical Information Infrastructure Protection

Exam paper for second semester 201

The Community-oriented Computer Security, Advisory and Warning Team

Critical information infrastructure protection is vital for any nation. Many of a country’s critical systems are interconnected via an information infrastructure, such as the Internet. Should the information infrastructure be targeted by remote attacks, it would have a devastating effect on functioning of a country. Developing nations are no exception. As broadband penetration rates increase, and as Internet access speeds increase, developing nations have to implement safeguards to ensure that their information infrastructure is not target or abused by cyber attackers. Many nations implement CSIRT structures to aid in the protection of their information infrastructure. However these structures are expensive to set up and maintain. In this paper we introduce a Community-oriented Advisory, Security and Warning (C-SAW) Team, which aims to be a cost effective alternative to a CSIRT. C-SAW Teams aims to combine cost-effectiveness with the ability to mutate into a full-scale CSIRT structure over time

The War on Cyberterror: Why Australia Should Examine the U.S. Approach to Critical Infrastructure Protection

As the global community focuses on detecting and fighting terrorism, defense strategists have identified the vulnerability of certain cybersystems. Traditional methods of defense and warfare, however, often do not apply to new technologies. Thus the cybercommunity is developing new standards for protecting computer resources against terrorist attack. From the perspective of national governments, much attention has been paid to the importance of secure critical infrastructure. This category of computer-dependent resources includes sectors vital to the smooth and orderly operation of public society, such as transportation, communications, and food production. These sectors are becoming increasingly dependent on computers to function, and the majority of critical infrastructure is owned by the private sector. This relationship between the public\u27s interest in critical infrastructure and the interests of the private sector raises questions about how to balance the public and private interests in a cyberterror protection plan. While governments have an interest in ensuring the security of critical infrastructure, they are reluctant to directly regulate privately-owned businesses. Since the late 1990s, the United States has been developing methods to secure infrastructure through public-private information-sharing partnerships, and has successfully taken steps to respect corporate privacy in the process. Conversely, Australia is in the early stages of developing a national strategy for critical infrastructure protection, and the government has faced corporate resistance to developing an information-sharing security network. In comparing the cybersecurity situation in Australia to that in the United States, the Australian government should follow many of the steps that have made the U.S. process such a success to date. In particular, it should adopt similar corporate privacy protection policies for information shared with the government for critical infrastructure protection purposes, and should emphasize the development of public-private co-regulation of critical infrastructure. While the United States has not yet reached complete cybersecurity, its extra years of experience should inform the development of Australian policymaking