LESSONS LEARNED:
CRITICAL INFORMATIONINFRASTRUCTUREPROTECTION

How to protect critical information infrastructure (CII)

This book comes with 23 key lessons, including how to:
Describe the critical infrastructure service and determine its service level;
Identify and analyse the interconnections and dependencies of information systems;
Create a functioning organisation to protect CII; and
Train people to make sure they are aware of cyber threats and know the correct behaviour.

Listen podcast...

More information and buy this book...

REVIEWS

Review: Lessons Learned: Critical Information Infrastructure Protection

Gregory Parfitt, Application Security Specialist
https://www.infosecurity-magazine.com/reviews/review-infrastructure-protection/

 

Review: Lessons Learned: Critical Information Infrastructure Protection

Professional Security Magazine
http://www.professionalsecurity.co.uk/reviews/lessons-learned-critical-information-infrastructure-protection/

BOOK RESOURCES

Quotes' links

Chapter 1
www.huffingtonpost.com/2011/06/13/panetta-cyberattack-next-pearl-harbor_n_875889.html

Chapter 2
www.attorneygeneral.gov.au/Speeches/Pages/2014/Second%20Quarter%202014/6June2014-OpeningAddressOfTheCriticalInfrastructureResilienceConference.aspx

Chapter 3
https://ro.usembassy.gov/remarks-by-u-s-charge-daffaires-ad-interim-dean-thompson-at-the-critical-infrastructure-protection-forum/

Chapter 4
www.huffingtonpost.com/daniel-wagner/the-growing-threat-of-cyb_b_10114374.html

Chapter 5
www.quicken.com/investing/stock-quotes/LMT/Lockheed-Martin-Corp/Collaboration-on-Critical-National-Infrastructure-Cybersecurity-Key-to-Minimising-UK-Economic-Risk-According-to-New-Study/600-201604120803PR_NEWS_USPRX____CL68540-1

Chapter 6
Tukey, John W. (1977). Exploratory Data Analysis. Pearson. ISBN 978-0201076165

Chapter 7
www.slideshare.net/dyohn/dl-yohn-notes-quotes-from-asp-02-25-10

Chapter 8
www.beehive.govt.nz/speech/speech-cyber-security-summit

Chapter 9
www.nsa.gov/news-features/speeches-testimonies/testimonies/adm-rogers-testimony-20nov2014.shtml

Chapter 10
www.nytimes.com/2012/10/12/world/panetta-warns-of-dire-threat-of-cyberattack.html
http://www.telegraph.co.uk/news/worldnews/northamerica/usa/9604794/US-at-risk-of-cyber-Pearl-Harbor-Leon-Panetta-warns.html

Chapter 11
http://europa.eu/rapid/press-release_SPEECH-13-51_en.htm

Chapter 12
www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Magazin/BSI-Magazin_2015.pdf

Chapter 13
www.forbes.com/sites/frontline/2015/07/13/why-cybersecurity-leadership-must-start-at-the-top/print/

Chapter 14
www.iiss.org/en/events/gsr/sections/global-strategic-review-2010-946c/sixth-plenary-session-6e03/heli-tiirmaa-klaar-0e22

Chapter 15
https://archives.fbi.gov/archives/news/speeches/combating-threats-in-the-cyber-world-outsmarting-terrorists-hackers-and-spies

Chapter 16
www.cyberrescue.co.uk/library/quotes

Chapter 17
www.schneier.com/blog/archives/2013/08/hacking_consume.html

Chapter 18
https://infosecphils.wordpress.com/infosec-quotes/

Chapter 19
www.pinterest.com/pin/417920040400575538/

Chapter 20
www.gov.uk/government/speeches/cyber-security-information-sharing-programme

Chapter 21
www.csa.gov.sg/news/speeches/speech-at-nsc-2015

Chapter 22
www.brainyquote.com/quotes/authors/c/confucius.html#pzgm5wtCh4Qj2OuU.99

Chapter 23
www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net/transcript?language=en

Incidents' examples 

[1] A cyber attack on a steel mill caused damage to Germany’s industrial infrastructure by destroying human machine interaction components: www.sentryo.net/cyberattack-on-a-german-steel-mill

[2] In December 2015 a successful cyber attack on a power grid in the Ukraine compromised information systems and disrupted electricity supplies to end consumers: https://en.wikipedia.org/wiki/December_2015_Ukraine_power_grid_cyberattack

[3] The NonPetya ransomware attack is estimated to have cost shipping giant Maersk $300m and forced it to halt operations at 76 port terminals around the world. They were just one of the companies affected globally: www.theregister.co.uk/2017/08/16/notpetya_ransomware_attack_cost_us_300m_says_shipping_giant_maersk/ 

Audit checklist of critical infrastructure - download here