LESSONS LEARNED:
CRITICAL INFORMATIONINFRASTRUCTUREPROTECTION
How to protect critical information infrastructure (CII)
This book comes with 23 key lessons, including how to:
Describe the critical infrastructure service and determine its service level;
Identify and analyse the interconnections and dependencies of information systems;
Create a functioning organisation to protect CII; and
Train people to make sure they are aware of cyber threats and know the correct behaviour.
REVIEWS
Review: Lessons Learned: Critical Information Infrastructure Protection
Gregory Parfitt, Application Security Specialist
https://www.infosecurity-magazine.com/reviews/review-infrastructure-protection/
Review: Lessons Learned: Critical Information Infrastructure Protection
Professional Security Magazine
http://www.professionalsecurity.co.uk/reviews/lessons-learned-critical-information-infrastructure-protection/
BOOK RESOURCES
Quotes' links
Chapter 1
www.huffingtonpost.com/2011/06/13/panetta-cyberattack-next-pearl-harbor_n_875889.html
Chapter 4
www.huffingtonpost.com/daniel-wagner/the-growing-threat-of-cyb_b_10114374.html
Chapter 6
Tukey, John W. (1977). Exploratory Data Analysis. Pearson. ISBN 978-0201076165
Chapter 7
www.slideshare.net/dyohn/dl-yohn-notes-quotes-from-asp-02-25-10
Chapter 8
www.beehive.govt.nz/speech/speech-cyber-security-summit
Chapter 9
www.nsa.gov/news-features/speeches-testimonies/testimonies/adm-rogers-testimony-20nov2014.shtml
Chapter 10
www.nytimes.com/2012/10/12/world/panetta-warns-of-dire-threat-of-cyberattack.html
http://www.telegraph.co.uk/news/worldnews/northamerica/usa/9604794/US-at-risk-of-cyber-Pearl-Harbor-Leon-Panetta-warns.html
Chapter 11
http://europa.eu/rapid/press-release_SPEECH-13-51_en.htm
Chapter 12
www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/Magazin/BSI-Magazin_2015.pdf
Chapter 13
www.forbes.com/sites/frontline/2015/07/13/why-cybersecurity-leadership-must-start-at-the-top/print/
Chapter 16
www.cyberrescue.co.uk/library/quotes
Chapter 17
www.schneier.com/blog/archives/2013/08/hacking_consume.html
Chapter 18
https://infosecphils.wordpress.com/infosec-quotes/
Chapter 19
www.pinterest.com/pin/417920040400575538/
Chapter 20
www.gov.uk/government/speeches/cyber-security-information-sharing-programme
Chapter 21
www.csa.gov.sg/news/speeches/speech-at-nsc-2015
Chapter 22
www.brainyquote.com/quotes/authors/c/confucius.html#pzgm5wtCh4Qj2OuU.99
Chapter 23
www.ted.com/talks/mikko_hypponen_fighting_viruses_defending_the_net/transcript?language=en
Incidents' examples
[1] A cyber attack on a steel mill caused damage to Germany’s industrial infrastructure by destroying human machine interaction components: www.sentryo.net/cyberattack-on-a-german-steel-mill
[2] In December 2015 a successful cyber attack on a power grid in the Ukraine compromised information systems and disrupted electricity supplies to end consumers: https://en.wikipedia.org/wiki/December_2015_Ukraine_power_grid_cyberattack
[3] The NonPetya ransomware attack is estimated to have cost shipping giant Maersk $300m and forced it to halt operations at 76 port terminals around the world. They were just one of the companies affected globally: www.theregister.co.uk/2017/08/16/notpetya_ransomware_attack_cost_us_300m_says_shipping_giant_maersk/
Audit checklist of critical infrastructure - download here