Research Article
Year 2024,
Volume: 16 Issue: 2, 438 - 449, 31.12.2024
Abstract
Strong information security management systems (ISMS) are necessary for maintaining corporate information security. This study was undertaken to examine the viewpoints of professionals in the field of information security within the energy sector and to provide recommendations for system improvements by using the survey method to see the effects of the application of ISMS. A total of 181 participants from the Republic of T¨urkiye Ministry of Energy and Natural Resources were extensively surveyed. The surveys were grouped as personnel, ISMS employees, and managers. The results were carefully analyzed. It was seen that the personnel in the sector had a largely positive approach to ISMS implementations. The findings obtained in the analysis report were examined in all aspects. Various suggestions for improvements were made for ISMS, especially for increasing awareness training and the number of personnel.
Keywords
Information security information security management systems energy sector critical infrastructure
References
- Aydın, H., Barışkan, M.A., Çetinkaya, A., Siber güvenlik kapsamında enerji sistemleri güvenliğinin değerlendirilmesi, Güvenlik Bilimleri Dergisi, 10(1)(2021), 151–174.
- Baran, G., COSMICENERGY – New OT Malware Causes Electric Power Disruption, Cyber Security News, 2023, Access address: https://cybersecuritynews.com/cosmicenergy-ot-malware/
- Baran, G., Ransomhub Attacking Industrial Control Systems To Encrypt And Exfiltrate Data. Cyber Security News, 2024, Access address: https://cybersecuritynews.com/cosmicenergy-ot-malware/
- Cohen, G., Throwback Attack: Korea Hydro Oath Nuclear Power Highlights the Vulnerability of Critical Systems, Industrial Cyber Security Pulse, 2023, Access address: https://www.industrialcybersecuritypulse.com/threats-vulnerabilities/throwback-attack-korea-hydro-and-nuclearpower-highlights-the-vulnerability-of-critical-systems/
- Dilipraj, E., Supposed cyber attack on Kudankulam nuclear infrastructure — A benign reminder of a possibility reality, Centre for Air Power Studies, 129(2019), 1–5.
- Hemsley, K. E., Fisher, E., History of industry control system cyber incidents (No. INL/CON-18-44411-Rev002). Idaho National Lab. (INL), Idaho Falls, ID (United States), 2018.
- IEC. History. Access address: https://www.iec.ch/history, Access date:11/05/2024
- ISO/IEC 27001. (2022). Information Security Management Systems-Requirements.
- ISO. What we do. Access address: https://www.iso.org/what-we-do.html . Access date: 11/05/2024
- Kara, M., Cyber-Attacks-Cyber Wars and Their Effects, Master’s Thesis, Institute of Social Sciences, ˙Istanbul Bilgi University, 2013.
- Karabacak, B., Cyber threats to critical infrastructures and cyber security recommendations for T¨urkiye. Cyber SecurityWorkshop, Information Security Association, Ankara, 29(2011), 1-11.
- Khan, F.B., Asad, A., Durad , H., Mohsin , S.M., Kazmi, S.N., Dragonfly cyber-Threats: A case study of malware attacks targeting power grids, Journal of Computing & Biomedical Informatics, 4(02)(2023), 172–185.
- Kılıç, B., Information Security Management in Law Offices in Turkey in Terms of ISO/IEC 27001 Information Security Management System, Master’s Thesis, Gazi University Informatics Institute, 2019.
- NIST. AboutNIST. Access address: https://www.nist.gov/about-nist . Access date:12/05/2024.
- Presidential Digital Transformation Office. (2020). Information and Communication Security Guide, 19-34. Ankara T¨urkiye.
- Presidential Digital Transformation Office. (2021). Information and Communication Security Audit Guide, 17th Ankara,T¨urkiye.
- Shull, A. (2014). Global cybercrime: the interplay of politics oath law. Organized Chaos: Reimagining the Internet, 97.
- TSE. Establishment of TSE. Access address: https://www.tse.org.tr/hakkimizda/. Access date:12/05/2024
- Yıldız, H., Anomaly Detection in Smart Grids Based on Software-Defined Networks Oath The Internet of Things, Master’s Thesis, Sakarya University, 2023.
- Yenienerji. (2013). Telvent, Schneider More powerful with Electric. New energy. Access address: https://www.yenienerji.com/roportaj/telventschnneider-electric-ile-daha-guclu.
Year 2024,
Volume: 16 Issue: 2, 438 - 449, 31.12.2024
Abstract
References
- Aydın, H., Barışkan, M.A., Çetinkaya, A., Siber güvenlik kapsamında enerji sistemleri güvenliğinin değerlendirilmesi, Güvenlik Bilimleri Dergisi, 10(1)(2021), 151–174.
- Baran, G., COSMICENERGY – New OT Malware Causes Electric Power Disruption, Cyber Security News, 2023, Access address: https://cybersecuritynews.com/cosmicenergy-ot-malware/
- Baran, G., Ransomhub Attacking Industrial Control Systems To Encrypt And Exfiltrate Data. Cyber Security News, 2024, Access address: https://cybersecuritynews.com/cosmicenergy-ot-malware/
- Cohen, G., Throwback Attack: Korea Hydro Oath Nuclear Power Highlights the Vulnerability of Critical Systems, Industrial Cyber Security Pulse, 2023, Access address: https://www.industrialcybersecuritypulse.com/threats-vulnerabilities/throwback-attack-korea-hydro-and-nuclearpower-highlights-the-vulnerability-of-critical-systems/
- Dilipraj, E., Supposed cyber attack on Kudankulam nuclear infrastructure — A benign reminder of a possibility reality, Centre for Air Power Studies, 129(2019), 1–5.
- Hemsley, K. E., Fisher, E., History of industry control system cyber incidents (No. INL/CON-18-44411-Rev002). Idaho National Lab. (INL), Idaho Falls, ID (United States), 2018.
- IEC. History. Access address: https://www.iec.ch/history, Access date:11/05/2024
- ISO/IEC 27001. (2022). Information Security Management Systems-Requirements.
- ISO. What we do. Access address: https://www.iso.org/what-we-do.html . Access date: 11/05/2024
- Kara, M., Cyber-Attacks-Cyber Wars and Their Effects, Master’s Thesis, Institute of Social Sciences, ˙Istanbul Bilgi University, 2013.
- Karabacak, B., Cyber threats to critical infrastructures and cyber security recommendations for T¨urkiye. Cyber SecurityWorkshop, Information Security Association, Ankara, 29(2011), 1-11.
- Khan, F.B., Asad, A., Durad , H., Mohsin , S.M., Kazmi, S.N., Dragonfly cyber-Threats: A case study of malware attacks targeting power grids, Journal of Computing & Biomedical Informatics, 4(02)(2023), 172–185.
- Kılıç, B., Information Security Management in Law Offices in Turkey in Terms of ISO/IEC 27001 Information Security Management System, Master’s Thesis, Gazi University Informatics Institute, 2019.
- NIST. AboutNIST. Access address: https://www.nist.gov/about-nist . Access date:12/05/2024.
- Presidential Digital Transformation Office. (2020). Information and Communication Security Guide, 19-34. Ankara T¨urkiye.
- Presidential Digital Transformation Office. (2021). Information and Communication Security Audit Guide, 17th Ankara,T¨urkiye.
- Shull, A. (2014). Global cybercrime: the interplay of politics oath law. Organized Chaos: Reimagining the Internet, 97.
- TSE. Establishment of TSE. Access address: https://www.tse.org.tr/hakkimizda/. Access date:12/05/2024
- Yıldız, H., Anomaly Detection in Smart Grids Based on Software-Defined Networks Oath The Internet of Things, Master’s Thesis, Sakarya University, 2023.
- Yenienerji. (2013). Telvent, Schneider More powerful with Electric. New energy. Access address: https://www.yenienerji.com/roportaj/telventschnneider-electric-ile-daha-guclu.
There are 20 citations in total.
Details
| Primary Language | English |
|---|---|
| Subjects | Information Security Management |
| Journal Section | Articles |
| Authors | |
| Publication Date | December 31, 2024 |
| Submission Date | August 23, 2024 |
| Acceptance Date | October 7, 2024 |
| Published in Issue | Year 2024 Volume: 16 Issue: 2 |