The identification of information sources to aid with Critical Information Infrastructure Protection

2013 Information Security for South Africa Pub Date : 2013-10-21 DOI:10.1109/ISSA.2013.6641038

J. Mouton, Ian Ellefsen

{"title":"The identification of information sources to aid with Critical Information Infrastructure Protection","authors":"J. Mouton, Ian Ellefsen","doi":"10.1109/ISSA.2013.6641038","DOIUrl":null,"url":null,"abstract":"Providing Critical Information Infrastructure Protection (CIIP) has become an important focus area for countries across the world with the widespread adoption of computer systems and computer networks that handle and transfer large amounts of sensitive information on a daily basis. Most large organisations have their own security teams that provide some form of protection against cyber attacks that are launched by cybercriminals. It is however often the case that smaller stakeholders such as schools, pharmacies and other SMEs might not have the required means to protect themselves against these cyber attacks. The distribution of relevant and focused information is an important part of providing effective protection against cyber attacks. In this paper some of the existing mechanisms and formats in which information related to software security vulnerabilities are provided to the public are discussed and reviewed. Providing focused and relevant information can enable smaller stakeholders such as SMEs that have a limited set of skills and expertise to limit their risk of exposure to cyber attacks.","PeriodicalId":300864,"journal":{"name":"2013 Information Security for South Africa","volume":"15 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-10-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"3","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 Information Security for South Africa","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISSA.2013.6641038","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 3

Abstract

Providing Critical Information Infrastructure Protection (CIIP) has become an important focus area for countries across the world with the widespread adoption of computer systems and computer networks that handle and transfer large amounts of sensitive information on a daily basis. Most large organisations have their own security teams that provide some form of protection against cyber attacks that are launched by cybercriminals. It is however often the case that smaller stakeholders such as schools, pharmacies and other SMEs might not have the required means to protect themselves against these cyber attacks. The distribution of relevant and focused information is an important part of providing effective protection against cyber attacks. In this paper some of the existing mechanisms and formats in which information related to software security vulnerabilities are provided to the public are discussed and reviewed. Providing focused and relevant information can enable smaller stakeholders such as SMEs that have a limited set of skills and expertise to limit their risk of exposure to cyber attacks.

查看原文本刊更多论文

识别信息源以帮助关键信息基础设施保护

随着每天处理和传输大量敏感信息的计算机系统和计算机网络的广泛采用，提供关键信息基础设施保护(CIIP)已成为世界各国关注的重要领域。大多数大型组织都有自己的安全团队，为网络罪犯发起的网络攻击提供某种形式的保护。然而，通常情况下，学校、药店和其他中小企业等较小的利益相关者可能没有必要的手段来保护自己免受这些网络攻击。发布有针对性的相关信息是有效防范网络攻击的重要组成部分。本文讨论和回顾了向公众提供软件安全漏洞相关信息的一些现有机制和格式。提供有针对性的相关信息，可以使技能和专业知识有限的中小企业等较小的利益相关者降低遭受网络攻击的风险。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2013 Information Security for South Africa

自引率

0.00%

发文量