EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

Risky travel: The missing piece for holistic cyber security risk management

Moh Cissé
Additional contact information
Moh Cissé: CEO, M6C StrategIT, Canada

Cyber Security: A Peer-Reviewed Journal, 2018, vol. 2, issue 2, 131-142

Abstract: What types of risk might the following professionals introduce to their business during a business trip with corporate information assets: CEO travelling to initiate acquisition negotiations; engineer travelling for impact analysis of new inventions with a business partner; VP Marketing travelling to ‘sell’ the benefits of his company’s latest product; cyber security expert responsible for network architecture design traveling to attend HACKFEST conference? The risk common to all these professionals is the exposure of their network to a sophisticated cyber security attack by infection, wiretapping, interception, substitution or sessions replay. This paper defines and considers Operational Technology (OT), as opposed to Information Technology (IT), which refers to computing systems that are used to manage industrial operations rather than administrative operations. Operational systems include production line management, mining operations control, oil and gas monitoring, etc. Due to the nature of the impact of potential threats, OT networks require maximum protection, not only in terms of data but also — and above all — to avoid security breaches that may have an impact on national security or even human life. Stuxnet, Dragonfly and BlackEnergy are well-known malicious programs that have damaged many OT networks, with major consequences for power production, storage and distribution. Stuxnet destroyed much of the centrifuge of Iran’s uranium enrichment programme. Germany revealed in a government report that a steel production furnace had been damaged in a cyber security attack by Dragonfly. At Christmas 2015, several Ukrainian companies in the energy sector were attacked by BlackEnergy, causing blackouts in at least eight regions of Ukraine. The paper concludes by encouraging OT professionals to focus on a model that leans on human, process and technology in order to provide the most appropriate mobility services.

Keywords: corporate information assets; wiretapping; interception; substitution; sessions replay; Operational Technology (OT); Dragonfly; BlackEnergy (search for similar items in EconPapers)
JEL-codes: M15 (search for similar items in EconPapers)
Date: 2018
References: Add references at CitEc
Citations:

Downloads: (external link)
https://hstalks.com/article/4606/download/ (application/pdf)
https://hstalks.com/article/4606/ (text/html)
Requires a paid subscription for full access.

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:aza:csj000:y:2018:v:2:i:2:p:131-142

Access Statistics for this article

More articles in Cyber Security: A Peer-Reviewed Journal from Henry Stewart Publications
Bibliographic data for series maintained by Henry Stewart Talks ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:aza:csj000:y:2018:v:2:i:2:p:131-142