Security threats to critical infrastructure: the human factor

Ghafir, Ibrahim; Saleem, J.; Hammoudeh, M.; Faour, H.; Prenosil, V.; Jaf, S.; Jabbar, S.; Baker, T.

Publication

Security threats to critical infrastructure: the human factor

Ghafir, Ibrahim
;
Saleem, J.
;
Hammoudeh, M.
;
Faour, H.
;
Prenosil, V.
;
Jaf, S.
;
Jabbar, S.
;
Baker, T.

Publication Date

2018-10

Keywords

Critical infrastructure security, Security awareness, Cyber security training, Work-based security training, Security threats against critical infrastructure

Rights

© The Author(s) 2018. This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

Peer-Reviewed

Yes

Accepted for publication

2018

Collections

Engineering and Digital Technology Publications

Show all metadata

Files

Ghafir_Journal_of_Supercomputing

Adobe PDF, 1.06 MB

Abstract

In the twenty-first century, globalisation made corporate boundaries invisible and difficult to manage. This new macroeconomic transformation caused by globalisation introduced new challenges for critical infrastructure management. By replacing manual tasks with automated decision making and sophisticated technology, no doubt we feel much more secure than half a century ago. As the technological advancement takes root, so does the maturity of security threats. It is common that today’s critical infrastructures are operated by non-computer experts, e.g. nurses in health care, soldiers in military or firefighters in emergency services. In such challenging applications, protecting against insider attacks is often neither feasible nor economically possible, but these threats can be managed using suitable risk management strategies. Security technologies, e.g. firewalls, help protect data assets and computer systems against unauthorised entry. However, one area which is often largely ignored is the human factor of system security. Through social engineering techniques, malicious attackers are able to breach organisational security via people interactions. This paper presents a security awareness training framework, which can be used to train operators of critical infrastructure, on various social engineering security threats such as spear phishing, baiting, pretexting, among others.

URI

http://hdl.handle.net/10454/17618

Version

Published version

Citation

Ghafir I, Saleem J, Hammoudeh M et al (2018) Security threats to critical infrastructure: the human factor. The Journal of Supercomputing. 74: 4986-5002.

Link to Version of Record

https://doi.org/10.1007/s11227-018-2337-2

Type

Article

Security threats to critical infrastructure: the human factor

Ghafir, Ibrahim
;
Saleem, J.
;
Hammoudeh, M.
;
Faour, H.
;
Prenosil, V.
;
Jaf, S.
;
Jabbar, S.
;
Baker, T.

Publication Date

End of Embargo

Supervisor

Keywords

Rights

Peer-Reviewed

Open Access status

Accepted for publication

Institution

Department

Awarded

Embargo end date

Collections

Files

Additional title

Abstract

URI

Version

Citation

Link to publisher’s version

Link to published version

Link to Version of Record

Type

Qualification name

Notes

Security threats to critical infrastructure: the human factor

Ghafir, Ibrahim ; Saleem, J. ; Hammoudeh, M. ; Faour, H. ; Prenosil, V. ; Jaf, S. ; Jabbar, S. ; Baker, T.

Publication Date

End of Embargo

Supervisor

Keywords

Rights

Peer-Reviewed

Open Access status

Accepted for publication

Institution

Department

Awarded

Embargo end date

Collections

Files

Additional title

Abstract

URI

Version

Citation

Link to publisher’s version

Link to published version

Link to Version of Record

Type

Qualification name

Notes

Ghafir, Ibrahim
;
Saleem, J.
;
Hammoudeh, M.
;
Faour, H.
;
Prenosil, V.
;
Jaf, S.
;
Jabbar, S.
;
Baker, T.