Towards a Global CIs’ Cyber-Physical Security Management and Joint Coordination Approach

Abstract

AbstractCritical Infrastructures (CIs) face numerous cyber-physical threats that can affect citizens’ lives and habits, increase their feeling of insecurity, and influence the seamless services provision. During such incidents, but also in general for the security of CIs several internal and external stakeholders are involved, having different needs and requirements, trying to cooperate, respond and recover. Although CIs security management process is well analyzed in the literature there is a need to set a common ground among different CIs, thus reducing administration/coordination overhead and rendering the decision making and crisis management process more efficient. In this direction, this paper considers three different CIs (airport facilities, gas infrastructures, and hospitals); presents the current and emerging physical and cyber security related regulations and standards, operations, organisational and technical measure and; finally, through the discussion on gaps and best practices identified, proposes a global, cyber-physical security management and joint coordination approach. The proposed approach recommends among others that the adoption of a Holistic Security Operation Centre (HSOC) in each CI and a National Coordination Centre (NCC), supervising them, which will facilitate the communication and cooperation between the different CI operators and stakeholders, in case of an incident, that may have cascading effects to interconnected Infrastructures. The findings presented and the conclusions drawn are linked with three EU funded research projects (SATIE, SecureGas and SAFECARE), that aim to improve physical and cyber security of CIs in a seamless and cost-effective way.