Cyber-attacks are a growing and persistent threat to water infrastructure, including drinking water and wastewater systems. Water infrastructure uses a number of technical control systems to manage and track infrastructure properties, including hardware and software, such as monitoring and data acquisition systems, process control systems, and other devices, such as programmable logic controllers, that control data gathering equipment and information technology. As these systems become more connected to corporate systems and the internet, security approaches are needed equally across both the control system and the corporate network infrastructure, as there are many potential entry points to these systems for cyber attackers to exploit. These cyber-attacks occur on water infrastructure worldwide, and to reduce the risks water providers need to identify control system asset security vulnerabilities and design, build and maintain a security architecture proportionate to the risk. Human resources are fundamental to these cybersecurity systems, and the emerging job roles they require need industry-specific definition. This paper defines the roles and responsibilities for control system security governance, particularly from the perspective of skills, knowledge and training requirements, with a view to addressing leading industry security standards and practices for control systems.
Published in: International Journal of Engineering Management (Volume 4, Issue 1)
DOI: 10.11648/j.ijem.20200401.12
Page(s): 11-16
Creative Commons: This is an Open Access article, distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium or format, provided the original work is properly cited.
Copyright: Copyright © The Author(s), 2020. Published by Science Publishing Group
Keywords: Cyber Security, Cyber Attacks, Risk Mitigation, Critical Infrastructure, Water Industry, SCADA, Supervisory Control and Data Acquisition
APA Style
Richard Skiba. (2020). Water Industry Cyber Security Human Resources and Training Needs. International Journal of Engineering Management, 4(1), 11-16. https://doi.org/10.11648/j.ijem.20200401.12
Publication date: 2020/07/23. Publisher: Science Publishing Group. ISSN: 2640-1568.