Author:
Aoyama Tomomi,Nakano Toshihiko,Koshijima Ichiro,Hashimoto Yoshihiro,Watanabe Kenji, ,
Abstract
The purpose of this study is to illustrate how exercises can play the role of a driving power to improve an organization’s cyber security preparedness. The degree of cyber security preparedness varies significantly among organizations. This implies that training and exercises must be tailored to specific capabilities. In this paper, we review the National Institute of Standards and Technology (NIST) cybersecurity framework that formalizes the concept of tier, which measures the degree of preparedness. Subsequently, we examine the types of exercises available in the literature and propose guidelines that assign specific exercise types, aims, and participants to each level of preparedness. The proposed guideline should facilitate the reinforcement of cybersecurity risk management practices, reduce resource misuse, and lead to a smooth improvement of capabilities.
Publisher
Fuji Technology Press Ltd.
Subject
Engineering (miscellaneous),Safety, Risk, Reliability and Quality
Reference17 articles.
1. R. M. Lee, M. J. Assante, and T. Conway, “Analysis of the cyber attack on the Ukrainian power grid,” SANS Industrial Control Systems, 2016.
2. S. M. Rinaldi, J. P. Peerenboom, and T. K. Kelly, “Identifying, understanding, and analyzing critical infrastructure interdependencies,” IEEE Control Systems, Vol.21, No.6, pp. 11–25, 2001.
3. A. Boin and A. McConnell, “Preparing for critical infrastructure breakdowns: the limits of crisis management and the need for resilience,” Journal of Contingencies and Crisis Management, Vol.15, No.1, pp. 50–59, 2007.
4. D. Elliott, E. Swartz, and B. Herbane, “Business Continuity Management 2e: A Crisis Management Approach,” Taylor & Francis, 2010.
5. J. Ford and A. M. Schmidt, “Emergency response training: strategies for enhancing real-world performance,” Journal of Hazardous Materials, Vol.75, No.23, pp. 195 – 215, 2000.
Cited by
11 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献