Abstract
The standards applicable to Information Security are legion, from the purely technical, low-level specification of crypto protocols to high-level organisational management frameworks. Industrial Control Systems (ICSs), among them the Information Systems in Critical Infrastructure, still present their own set of challenges and quirks, despite the trend of convergence towards mainstream information technologies and networking. Among these challenges are the still widespread use of legacy and proprietary systems with a long life and often poor documentation; the geographical spread; the fact that ICSs control physical equipment, with all the related consequences (safety risk, difficulty of testing); the lack of IT and especially security training among the personnel; and the legal and regulatory environment. The paper analyses the application of standards in Critical Infrastructure Information Protection from both an organisational and a technical perspective: their choice, their implementation, and their economic costs and benefits, in the context of the existing legal landscape, in particular that of the European Union. A brief theoretical excursus examines a cost-benefit model for policymakers called upon to formulate the best policy in mandating, or not mandating, the use of standards.
Copyright information
© 2015 Springer Fachmedien Wiesbaden
About this paper
Cite this paper
Guarino, A. (2015). Information Security Standards in Critical Infrastructure Protection. In: Reimer, H., Pohlmann, N., Schneider, W. (eds) ISSE 2015. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-10934-9_22
DOI: https://doi.org/10.1007/978-3-658-10934-9_22
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-10933-2
Online ISBN: 978-3-658-10934-9
eBook Packages: Computer Science, Computer Science (R0)