{"title":"围绕国防部应对国土上对重要基础设施的攻击,探索具有挑战性的领域:利用扩展的网络危害分类法对以往事件进行案例研究","authors":"Louis Nolan , Denise L. Tennant , Deanna House","doi":"10.1016/j.cose.2024.104198","DOIUrl":null,"url":null,"abstract":"<div><div>The complexity of DoD response to cyberattacks on critical infrastructure entities is a relatively understudied area, particularly when considering attacks that fall within the nebulous area of response, the cyber grey zone. Reliance on critical infrastructure by private, public, and defense sectors establishes the need for proactive research in this context, particularly learning from prior incidents to inform and plan for future events and responses. This research utilizes an extended taxonomy to categorize harms and thresholds related to cyberattacks on critical infrastructure to understand integrated (rather than divisive) approaches that utilize Department of Defense capabilities. The researchers extend a taxonomy of cyber harms to provide a system of categorization that can assist with determining when a threshold, or cyber red line, is surpassed and provide a starting point to establish future considerations under which an engagement by the Department of Defense is appropriate.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"150 ","pages":"Article 104198"},"PeriodicalIF":4.8000,"publicationDate":"2024-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Navigating challenging terrain surrounding DoD response to homeland attacks on critical infrastructure: Case studies of prior incidents utilizing an extended taxonomy of cyber harms\",\"authors\":\"Louis Nolan , Denise L. Tennant , Deanna House\",\"doi\":\"10.1016/j.cose.2024.104198\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div><div>The complexity of DoD response to cyberattacks on critical infrastructure entities is a relatively understudied area, particularly when considering attacks that fall within the nebulous area of response, the cyber grey zone. Reliance on critical infrastructure by private, public, and defense sectors establishes the need for proactive research in this context, particularly learning from prior incidents to inform and plan for future events and responses. This research utilizes an extended taxonomy to categorize harms and thresholds related to cyberattacks on critical infrastructure to understand integrated (rather than divisive) approaches that utilize Department of Defense capabilities. The researchers extend a taxonomy of cyber harms to provide a system of categorization that can assist with determining when a threshold, or cyber red line, is surpassed and provide a starting point to establish future considerations under which an engagement by the Department of Defense is appropriate.</div></div>\",\"PeriodicalId\":51004,\"journal\":{\"name\":\"Computers & Security\",\"volume\":\"150 \",\"pages\":\"Article 104198\"},\"PeriodicalIF\":4.8000,\"publicationDate\":\"2024-11-13\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Computers & Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://www.sciencedirect.com/science/article/pii/S0167404824005030\",\"RegionNum\":2,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Computers & Security","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167404824005030","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Navigating challenging terrain surrounding DoD response to homeland attacks on critical infrastructure: Case studies of prior incidents utilizing an extended taxonomy of cyber harms
The complexity of DoD response to cyberattacks on critical infrastructure entities is a relatively understudied area, particularly when considering attacks that fall within the nebulous area of response, the cyber grey zone. Reliance on critical infrastructure by private, public, and defense sectors establishes the need for proactive research in this context, particularly learning from prior incidents to inform and plan for future events and responses. This research utilizes an extended taxonomy to categorize harms and thresholds related to cyberattacks on critical infrastructure to understand integrated (rather than divisive) approaches that utilize Department of Defense capabilities. The researchers extend a taxonomy of cyber harms to provide a system of categorization that can assist with determining when a threshold, or cyber red line, is surpassed and provide a starting point to establish future considerations under which an engagement by the Department of Defense is appropriate.
期刊介绍:
Computers & Security is the most respected technical journal in the IT security field. With its high-profile editorial board and informative regular features and columns, the journal is essential reading for IT security professionals around the world.
Computers & Security provides you with a unique blend of leading edge research and sound practical management advice. It is aimed at the professional involved with computer security, audit, control and data integrity in all sectors - industry, commerce and academia. Recognized worldwide as THE primary source of reference for applied research and technical expertise it is your first step to fully secure systems.