Additionally, many critical systems are not designed with security in mind, claims Mark Chaplin, author of a new report on the subject. "The relationship between information systems and critical infrastructure is often overlooked."
"Infosec professionals are rarely involved in the design, planning, implementation and management of infrastructure components such as production lines, support networks and electricity supply - this has to change."
Nigel Brown, head of resilient communications, The Cabinet Office, echoed the sentiment, pointing out that communications technology is not necessarily reliable in an emergency: "The 7/7 London bombings highlighted the need for increased resilience in the communications network. There were rumours that the Government had shut down the mobile network to prevent terrorists exploiting it, but in fact the sheer volume of traffic had caused it to fail. The increasing reliance on mobile technology - convergence - is in fact causing a lack of diversity. If the power grid fails, all 2g and 3g mobile technology will fail within 30-40 minutes..."
The report from the Information Security Forum (ISF), 'Securing Critical Infrastructure', focuses on four different categories of critical infrastructure: operations, telecoms, utilities and buildings. It details the processes that decision makers should go through to ensure that security concerns have been addressed before a major incident, such as identifying the most critical areas, defining which information systems are involved in these areas, performing a risk analysis and finally establishing a framework of controls.
.png&w=120&c=1&s=0)
EDUtech AU
Integrate Expo 2025
.png&w=120&c=1&s=0)
Security Exhibition & Conference 2025
Digital As Usual Cybersecurity Roadshow: Brisbane edition
iTnews Benchmark Security Awards 2025
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
