Business Continuity for Critical Infrastructure Operators

Critical infrastructures often lack resilience and easily lose critical functionalities if hit by adverse events. Continuity management strategies for critical infrastructure operators and the networks that they form, rely also on the functionality of other interrelated networks. Disruptions in operations may affect society and for this reason, securing the operations of critical infrastructure operators is important. The technological impacts of CPS become evident to the resilience of all fields of critical infrastructure, but there is also human elements to take into account. The research question of this study is: How to enhance business continuity of critical infrastructure? This case study research uses qualitative methods collected by conducting interviews of resilience and continuity professionals who work with Finnish critical infrastructure. Resilience and continuity management are key for critical infrastructure operators. Important factors identified were identifying risks, critical activities, key personnel, creating guidelines and procedures, and open communication, which themes were recognised as important to improve resilience and manage continuity.</p

Cybersecurity in Skills Development and Leadership

Information and Communications Technology (ICT) enables organisations absorb state-ofthe- art knowledge from external sources, and develop skills that promote productivity, competitiveness and organizational learning. This study, completed as part of project ECHO efforts, aims to understand how cybersecurity is seen by PhD students specializing in it. The participants (n = 25) were asked to discuss what is cybersecurity, its elements, and users. The Typeform survey tool was used to collect, store, and analyse this data. The results indicate that successful cybersecurity provides multi-level protection of organisational infrastructures, personal and organisational data, and financial interests of organisations. Failure to protect these may result in negative reputation, financial, ethical, and operational impacts. Human users may be the weakest link in the system, which should be seriously taken into account when deploying cybersecurity measures and administrative user privileges. Users need to be educated in cybersecurity and be aware of threats and new developments and attacker tactics, in particular in the case of social engineering attacks. Basic technical knowledge and capabilities to detect and appropriately report attacks are needed for all levels of ICT users

Yhteiskehittäminen EU-rahoitetuissa hankkeissa

The European Union (EU) promotes innovation through its research funding programmes. They offer opportunities for the co-creation of knowledge that involve diverse groups of academics, businesses and public organizations in project consortia. Projects focus in sharing insights and experiences, though participants may have conflicting interests. This study aims to gain understanding of knowledge co-creation for innovation in funded projects from the viewpoint of multi-stakeholder communication. There is a particular focus on communication with end-users. The topic is studied from four theoretical perspectives: the co-creation of knowledge, innovation networks, knowledge development processes and the resilience of complex social networks. The context are eight EU-funded projects aimed at research and innovation. According to the findings common development goals serve as the basis for partners to engage in sharing insights and experiences while developing knowledge for innovation. The perspective of the co-creation of knowledge highlights an intensive interaction between many diverse actors engaging in building relationships and trust that enable jointly working on a common problem. The perspective of innovation networks highlights that comprehensive solutions may require different roles from actors facilitated by structures and communication expertise. The perspective of knowledge development processes points to evolving input, throughput and output communication when engaging various stakeholders, especially end-users, adapting participation strategies over time. The perspective of resilience of complex social networks emphasizes agile project communication to address vulnerabilities through interdependencies. Research and innovation projects bring complex processes, which call in- teractions among diverse groups of stakeholders. This study adds to the overall body of knowledge on co-creation in innovation networks and, in particular, collaboration within EU-funded research and innovation project consortia

Piloting the ECHO e-Skills and Training Toolkit

Besides many benefits, ICT technologies are faced with cyber threats. Organ-izations of today, therefore, face many challenges that require technical, sit-uation awareness, and problem-solving related e-skills from a wide level of organizational actors. Business survival depends on how well an organization can implement new IT and take advantage of the opportunities offered by this new IT. Cybersecurity is a pressing issue in modern society. It affects busi-nesses, personal lives, and critical infrastructures. There is a growing need for proficiently cyber-trained personnel to protect society and its organizations and systems. The ECHO E-skills and Training Toolkit was piloted with a team of higher education business ICT teachers. First, the team supervisors chose and valued the most relevant Technical, Situation awareness, and Problem-solving re-lated e-skills. These choices were then given to the pilot test group to discuss and adjust. This pilot study shows that the ECHO E-skills and Training Toolkit can be used to benefit any organization that wishes to assess the e-skills of its personnel and training gaps

Cyber Situational Awareness in Critical Infrastructure Protection

The European Union promotes collaboration between authorities and the private sector, and the providers of the most critical services to society face security related obligations. In this paper, critical infrastructure is seen as a system of systems that can be subject to cyber-attacks and&nbsp; other disturbances. Situational awareness (SA) enhances preparations for and decision-making during assessed and unforeseen disruptive incidents, and promoting Cyber effective situational&nbsp; awareness (CSA) requires information sharing between the different interest groups. This research is constructive in nature, where innovative constructions developed as solutions&nbsp; for domain-specific real world problems, while the research question is: “How can cyber&nbsp; situational awareness protect critical infrastructures?” The Observe – Orient – Decide – Act (OODA) loop is examined as a way to promote&nbsp; collaboration towards a shared situational picture, awareness and understanding to meet challenges of forming CSA in relation to risk assessment (RA) and improving resilience. Three levels of organizational decision-making are examined in relation a five-layer cyber structure of an organization to provide a more comprehensive systems view of organizational cyber security. Successful, crisis-management efforts enable organizations to sustain and resume operations, minimize losses, and adapt to manage future incidents, as many critical&nbsp;infrastructures typically lack resilience and may easily lose essential functionality when hit by&nbsp;an adverse event. Situation awareness is the main prerequisite towards cyber security. Without situation awareness, it is impossible to systematically prevent, identify, and protect the system from cyber incidents.</p

Light-Activated Liposomes Coated with Hyaluronic Acid as a Potential Drug Delivery System

Light-activated liposomes permit site and time-specific drug delivery to ocular and systemic targets. We combined a light activation technology based on indocyanine green with a hyaluronic acid (HA) coating by synthesizing HA–lipid conjugates. HA is an endogenous vitreal polysaccharide and a potential targeting moiety to cluster of differentiation 44 (CD44)-expressing cells. Light-activated drug release from 100 nm HA-coated liposomes was functional in buffer, plasma, and vitreous samples. The HA-coating improved stability in plasma compared to polyethylene glycol (PEG)-coated liposomes. Liposomal protein coronas on HA- and PEG-coated liposomes after dynamic exposure to undiluted human plasma and porcine vitreous samples were hydrophilic and negatively charged, thicker in plasma (~5 nm hard, ~10 nm soft coronas) than in vitreous (~2 nm hard, ~3 nm soft coronas) samples. Their compositions were dependent on liposome formulation and surface charge in plasma but not in vitreous samples. Compared to the PEG coating, the HA-coated liposomes bound more proteins in vitreous samples and enriched proteins related to collagen interactions, possibly explaining their slightly reduced vitreal mobility. The properties of the most abundant proteins did not correlate with liposome size or charge, but included proteins with surfactant and immune system functions in plasma and vitreous samples. The HA-coated light-activated liposomes are a functional and promising alternative for intravenous and ocular drug delivery

Onko siviilivalmiudelle tarvetta Suomessa? : Siviilivalmiuden käsite, käyttö ja lisäarvo osana kansallista varautumista

Tässä hankkeessa selvitettiin siviilivalmiuden käsitettä ja soveltamista osana suomalaista varautumis- ja valmiusjärjestelmää sekä tarkasteltiin käsitteen käyttöä Euroopan unionissa, Natossa, Pohjoismaiden neuvostossa ja verrokkimaissa. Tutkimus osoittaa, että siviilivalmiuden käsitteellä ei ole Suomessa vakiintunutta asemaa ja määritelmää. Käsite voidaan ymmärtää yhteiskunnan prosessina tai tilana, jolla vastataan tunnistettuihin uhkiin ei-sotilaallisesti. Siviilivalmius on korostuneesti Nato-yhteyksissä hyödynnetty käsite. Siviilivalmiutta kuvastavia toimintoja on useissa kansainvälisissä verrokkimaissa, vaikkei niitä kutsuttaisi tällä käsitteellä. Suomessa käsitettä on käytetty kuvaamaan pelastustoimen varautumis- ja valmiustyötä sekä Nato-rauhankumppanuuteen ja -jäsenyyteen sisältynyttä siviilivalmiusyhteistyötä. Tutkimuksessa tehdyissä haastatteluissa, kyselyssä ja työpajakeskustelussa todettiin siviilivalmiuskäsitteen ja soveltamisalan vaativan selkeyttämistä. Selvityksen pohjalta suositellaan kansallisen terminologian yhteensovittamista kansainväliseen käsitteistöön, siviilivalmiuden roolin tarkastelua osana yhteiskunnan kokonaisturvallisuusstrategian laadintaa ja valmiuslain uudistamista, yhteisymmärryksen kasvattamista tarvittavista toimenpiteistä, eri tahojen intressien tasapuolisuutta kehitystyössä sekä käsitteiden merkitysten moninaisuuden huomiointia.Tämä julkaisu on toteutettu osana valtioneuvoston selvitys- ja tutkimussuunnitelman toimeenpanoa. (tietokayttoon.fi) Julkaisun sisällöstä vastaavat tiedon tuottajat, eikä tekstisisältö välttämättä edusta valtioneuvoston näkemystä

Increasing Cooperation between the European Maritime Domain Authorities

This research brings out the European Common In formation Sharing Environment (CISE) together with authorities’ cooperation in the maritime domain. Coherence between different national processes is challenging because of the differences between the partners from different Member States. On the other hand, differences in administrative, legal frameworks, and technical issues are solvable. Cross-sectoral cooperation should be enhanced by strengthening cross-sectoral knowledge through exploring the other sectors work methods. Widely shared information supports operations planning and sharing of resources on the European maritime domain. The results of this study show that the authorities are beginning to realize the importance of cooperation and information sharing cross-border and cross-sector: cooperation should be based on common objectives and emphasize the benefits of cooperation

End-users Co-create Shared Information for a More Complete Real-time Maritime Picture

European Union Member States are working towards an integrated maritime surveillance and deeper information sharing and implementation of Common Information Sharing Environment. Value networks aiming at co-creation, need active facilitation, and relevant platforms for open cooperation. This study analysed scenario analytics, and narrative documents from projects CoopP, CISE, and MARISA by using a Data Extraction Table to classify both objects and phenomenon relevant to European maritime information sharing systems. The object and phenomenon rows are grouped under a European Coast Guard Functions, CGFs framework, to better understand their occurrence and interdependencies. This paper finds that objects and phenomena need to be continuously evaluated against evolving risk and treat scenarios and end-user needs. Shared maritime information systems need to include tools for continuous self-revaluation. Added complexity may greatly reduce the time to value creation and innovation, which in this context is the ability to create greater common knowledge, learning, and value. Thus, faster and more widely shared information on objects and phenomena result in an accurate Recognized Maritime Picture, which supports threat assessment, asset and operations planning, and sharing of resources for added safety and security on the European maritime domain