Australian commercial-critical infrastructure management protection

Secure management of Australia\u27s commercial critical infrastructure presents ongoing challenges to owners and the government. Although managed via a high-level information sharing collaboration of government and business, critical infrastructure protection is further complicated by the lack of a lower-level scalable model exhibiting its various levels, sectors and sub-sectors. This research builds on the work of Marasea (2003) to establish a descriptive critical infrastructure model and also considers the influence and proposed modelling of critical infrastructure dependency inter-relationships.<br /

A model and framework for online security benchmarking

The variety of threats and vulnerabilities within the online business environment are dynamic and thus constantly changing in how they impinge upon online functionality, compromise organizational or customer information, contravene security implementations and thereby undermine online customer confidence. To nullify such threats, online security management must become proactive, by reviewing and continuously improving online security to strengthen the enterpriseis online security measures and policies, as modelled. The benchmarking process utilises a proposed benchmarking framework to guide both the development and application of security benchmarks created in the first instance, from recognized information technology (IT) and information security standards (ISS) and then their application to the online security measures and policies utilized within online business. Furthermore, the benchmarking framework incorporates a continuous improvement review process to address the relevance of benchmark development over time and the changes in threat focus.<br /

Analysis and modelling of critical infrastructure systems

The increasing complexity and interconnectedness of critical infrastructure systems, including the information systems and communication networks that support their existence and functionality, poses questions and challenges. Particularly, in terms of modelling and analysis of the security, survivability and ultimately reliability and continued availability of critical infrastructure systems and the services they deliver to modern society. The focus of this research enquiry is with regard to critiquing and modelling critical infrastructure systems. There are numerous systems analyse and modelling approaches that outline any number of differing methodological approaches, each with their own characteristics, expertise, strengths and weaknesses. The intention of this research is to investigate the merit of applying a &lsquo;softer&rsquo; approach to critical infrastructure system security analysis and modelling that broadly views the systems in holistic terms, including their relationships with other systems. The intention is not to discuss or criticise existing research applying quantitative approaches, but to discuss a &lsquo;softer&rsquo; system analysis and modelling approach in a security context that is adaptable to analysis modelling of critical infrastructure systems.<br /

E-business security benchmarking : a model and framework

The dynamic nature of threats and vulnerabilities within the e-business environment can impede online functionality, compromise organisational or customer information, contravene security implementations and thereby undermine online customer confidence. To negate these problems, e-business security has to become proactive, by reviewing and continuously improving security to strengthen e-business security measures and policies. This can be accomplished through benchmarking the security measures and policies utilised within the e-business, against recognised Information Technology (IT) and Information Security (IS) security standards.<br /

Security analysis and modelling framework for critical infrastructure systems

The provision and delivery of many of the services that modern society enjoys are the result of ubiquitous critical infrastructure systems that permeate across many sectors of the Australian community. Moreover, the integration of technological enhancements and networking interconnections between critical infrastructure systems has heightened system interdependence, availability and resilience, including the efficient delivery of services to consumers within Australia\u27s industrialised society. This research delivers a system security analysis and system modelling framework tool based on an associated conceptual methodology as the basis for assessing security and conceptually modelling a critical infrastructure system incident. The intent to identify potential system security issues and gain operational insights that will contribute to improving system resilience, contingency planning development applicable to disaster recovery and ameliorating incident management responses for Australian critical infrastructure system incidents.<br /

An emergent security risk : critical infrastructures and information warfare

This paper examines the emergent security risk that information warfare poses to critical infrastructure systems, particularly as governments are increasingly concerned with protecting these assets against attack or disruption. Initially it outlines critical infrastructure systems and the notion of information warfare. It then discusses the potential implications and examining the concerns and vulnerabilities such cyber attacks would pose, utilising exemplar online attack occurrences. It then examines the current Australian situation before suggesting some considerations to mitigate the potential risk that information warfare poses to critical infrastructure systems, and by association: government, industry and the wider community.<br /

Considerations for modelling critical infrastructure systems

The paper commences by reviewing and examining the structure of critical infrastructure systems from a holistic viewpoint, before venturing towards determining what are the necessary considerations required for modelling a specific system within the layered structural context of the larger holistic system.<br /

Conceptual modelling: choosing a critical infrastructure modelling methodology

This paper reports on further research undertaken regarding systems modelling as applied to critical infrastructure systems and networks and builds upon the initial modelling research of Pye and Warren (2006a). We discuss system characteristics, inter-relationships, dynamics and modelling of similar systems and why modelling of a critical infrastructure is important. In overview we compare four modelling methods and techniques previouslyused to model similar systems and discuss their potential transference to model critical infrastructure systems, before selecting the most promising and suitable for modelling critical infrastructure systems for further research.<br /