SlideShare a Scribd company logo

4192020 Originality Reporthttpsucumberlands.blackboar

Download as DOCX, PDF
R
rhetttrevannion

4/19/2020 Originality Report https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport/ultra?attemptId=c0f154fe-8a27-40ba-9a3a-2a2760960086&course_id=_… 1/6 %18 %0 SafeAssign Originality Report Spring 2020 - Emerging Threats & Countermeas (ITS-… • Final case analysis paper %18Total Score: Medium risk Bharat C. Submission UUID: d5b48439-fd48-c395-c4b4-d8c15855a274 Total Number of Reports 1 Highest Match 18 % Case Analysis - Final Paper.… Average Match 18 % Submitted on 04/19/20 03:05 PM CDT Average Word Count 3,894 Highest: Case Analysis - Fin… %18Attachment 1 Institutional database (4) Student paper Student paper Student paper Student paper Internet (1) worldwidescience Top sources (3) Excluded sources (0) View Originality Report - Old Design Word Count: 3,894 Case Analysis - Final Paper.docx 1 4 5 2 3 1 Student paper 4 Student paper 5 Student paper Implementing cybersecurity in the energy sector 15 Implementing Cybersecurity in the Energy Sector ITS-834: Emerging Threats & Countermeasures University of the Cumberlands Dr. Sherly Abraham April 15, 2020 Abstract Cyber security is essential in every organization to protect and recover from any form of cyber-attack system, data, network or program. It matters in the energy sector because the energy market is mainly dominated by private firms, both aggressive because crooks attack their devices. Further- more, this subject is usually seen as an unnecessary subject on the agenda of the Board meeting unless something goes wrong and is too delayed by that time. Many major corporations have hovered over this topic but their research is trapped in a black box, because of their lack of technologi- cal expertise and related information about this cyber environment. In the 21st century, cyber security advanced especially to authoritarian and commercial states to very abnormal ones. Cyber-attacks are probably the most frightening kind of attacks to organizations, with the risk that sensi- tive information is lost or abused. With that being said, these have risen in the energy sector over the past few years, according to the study of the global state of information and security. For example, 7 391 cyber-attack instances were recorded in 2014 and a total loss of $1.2 billion from all- out assaults. Since cyber-attacks in the energy sector have increased, many organizations have taken action to ensure that their information is pro- tected against these attacks. Moreover, energy companies are a decisive target since essential goods and services are provided. The threats are high, but there is no question that this risk is generally measured before a major attack occurs. The energy sector and the utilities sector are a key 1 2 1 1 https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReport?attemptId=c0f154fe-8a27-40ba-9a3a-2a2760960086&course_id=_114042_1&download=true&includeDeleted=true&print=true&force=true ...

Education
1 of 30
4/19/2020 Originality Report https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport/ultra?attemptId=c0f154fe- 8a27-40ba-9a3a-2a2760960086&course_id=_… 1/6 %18 %0 SafeAssign Originality Report Spring 2020 - Emerging Threats & Countermeas (ITS-… • Final case analysis paper %18Total Score: Medium risk Bharat C. Submission UUID: d5b48439-fd48-c395-c4b4-d8c15855a274 Total Number of Reports 1 Highest Match 18 % Case Analysis - Final Paper.… Average Match 18 % Submitted on
04/19/20 03:05 PM CDT Average Word Count 3,894 Highest: Case Analysis - Fin… %18Attachment 1 Institutional database (4) Student paper Student paper Student paper Student paper Internet (1) worldwidescience Top sources (3) Excluded sources (0) View Originality Report - Old Design Word Count: 3,894 Case Analysis - Final Paper.docx 1 4 5 2 3 1 Student paper 4 Student paper 5 Student paper
Implementing cybersecurity in the energy sector 15 Implementing Cybersecurity in the Energy Sector ITS-834: Emerging Threats & Countermeasures University of the Cumberlands Dr. Sherly Abraham April 15, 2020 Abstract Cyber security is essential in every organization to protect and recover from any form of cyber-attack system, data, network or program. It matters in the energy sector because the energy market is mainly dominated by private firms, both aggressive because crooks attack their devices. Further- more, this subject is usually seen as an unnecessary subject on the agenda of the Board meeting unless something goes wrong and is too delayed by that time. Many major corporations have hovered over this topic but their research is trapped in a black box, because of their lack of technologi- cal expertise and related information about this cyber environment. In the 21st century, cyber security advanced especially to authoritarian and commercial states to very abnormal ones. Cyber-attacks are probably the most frightening kind of attacks to organizations, with the risk that sensi- tive information is lost or abused. With that being said, these have risen in the energy sector over the past few years, according to the study of
the global state of information and security. For example, 7 391 cyber-attack instances were recorded in 2014 and a total loss of $1.2 billion from all- out assaults. Since cyber-attacks in the energy sector have increased, many organizations have taken action to ensure that their information is pro- tected against these attacks. Moreover, energy companies are a decisive target since essential goods and services are provided. The threats are high, but there is no question that this risk is generally measured before a major attack occurs. The energy sector and the utilities sector are a key 1 2 1 1 https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport?attemptId=c0f154fe-8a27- 40ba-9a3a- 2a2760960086&course_id=_114042_1&download=true&include Deleted=true&print=true&force=true 4/19/2020 Originality Report https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport/ultra?attemptId=c0f154fe- 8a27-40ba-9a3a-2a2760960086&course_id=_… 2/6 g , q g y j gy y component of critical national infrastructure which makes it a
costly target for state or non-state actors to gain or cause disruption or disturbance for the military and political leaders. A national grid would have had a surprising consequence of being able to disrupt remotely. The security of the grid against cyber-attack is therefore an integral component of ensuring energy health. This paper includes the fundamental security and value of these rules in the energy sector in protecting their information, implementing the principles and facing challenges in the application and practice of these principles. Introduction The energy sector today is increasingly digitalized, with new surfaces being targeted by attackers. The advent of intelligent grids and intelligent de- vices has made the industry an enticing target. And indeed, cyber criminals found it. Other than this, the growth of the digitalization of energy ser- vices has brought in many economic benefits, including greater energy efficiency. Various monetary advantages have also been picked up in the cy- ber security advertise, which remembers more noteworthy viability for assurance of vitality use. The dangers are genuine and develop as a result of digital assaults by malevolent programming focusing on fundamental foundation, so the weakness isn't constrained to the framework. In order to adapt to this, a change of vitality approaches and guidelines will be set up to secure the vitality framework against digital assaults. It must be accom- plished in the particular sections of power, which have influential quality, with extensive and point by point direction. Such security activities will cover a wide scope of issues, giving the vitality division a major jump forward. This instrument permits you to decide
sustainable power source sup- ply, guaranteeing that power frameworks are at the degree of the circulation rates. It is the mutual limit that reinforces the vitality portion frame- work that fills in as a manual for fortify any insufficiencies. Vitality associations ought to guarantee that their data is ensured by actualizing the prop- er measures. However, keeping all of this in mind, we cannot ignore how the digitalization has increased the possibility of cyber-attacks, where mali- cious software can use rising energy digitalization to its advantage. In its last World Energy Congress report, the World Energy Commission notes that a significant rise has taken place in recent years in the number of active cyber-attacks, and fears that those in the industry might not be pre- pared to deal with new and emerging threatened issues. Vitality utilities will normally observe digital as a basic danger to organizations, along these lines developing mindfulness and creating viable procedures for mechanical and human digital obstruction. A famous cyber security technique will assist with distinguishing key parts of digital hazard the board and perceive frameworks that are at all expense at serious risk. Therefore it is manda- tory that defenders take a variety of steps to reduce risk and help protect their properties. Others may be known as simple hygiene while others might not need to detect and recognize sophisticated attackers who want to jeopardize human health, continuity of service, or economic stability. This paper wishes to shed light upon the relevance of cyber - security in the energy sector, the researches already available on cyber-security prac- tices in the energy sector, the two vital security policies which
can be useful in order to lessen the risks of cyber-security, how these can be imple- mented as well as the risks involved in implementing those principles and their impacts. Literature Review The need and estimation of cyber security is developing over all parts of the economy and industry. Assailants interface with network access suppli- ers so they can channel their criminal operations and gain salary without any problem. To request to protect against illicit interferences or benefit making, the vitality segment has not been disregarded. There is no business here that can be fulfilled joyfully on the off chance that it works with a misfortune and stays here without figuring out how to test the circumstance. The Segment will be working on a misfortune and lose life, cash and damage to the whole structure because of boundaries in the vitality segment from generators, stores, supply lines or even client organization. Force plants have an obligation to guarantee unfailing, satisfactory and successful ability for the end-client, from singular necessities to legitimate require- ments. Assailants have gone into the vitality region which prompts the section to guarantee a powerful stockpile of electric stream, in this manner forestalling supply. So as to determine client concerns and safeguard client prominence, security assaults must be guaranteed force, unwavering quality and insurance. Security assaults on the vitality divi sion contact each point of view model is an unlawful change into the whole framework by utilizing savvy meters, casual evaluations of use, changed aggressor plan, the principle power slice region and dangers to the area. Assailants hack reasonable applications, power framework ambushes. Assailants
may send diseases to be a Trojan stalk, or phishing them to get to the systems to forestall unfortunate behavior. Holding the intensity of turbines and full destructions is likewise conceivable is critical advancement not made. Pres- ently, Sophos UMT can be utilized all the more effectively and precisely, without signs or the banner, on account of the capacity to perceive and ex- pel risks at all stages. Sophos UMT is viewed as feasible in light of the fact that the expense is little, simple to utilize and proficient, vital for counter- ing perils. Assailants have likewise built up a Rootkit framework to assist them with adding to organize breaks when they were based on a clandes- tine premise. It alludes to illicit Computer applications used to organize extraordinary Computer get to while being covered from everybody. When recognizable proof is utilized, since the utilization of benefits is conceded to be inconceivably obfuscating, it permits software engineers to hold onto a server that produces or gives organization or even associations pay to an ever increasing extent. Through controlling vulnerabilities software engi- neers can utilize the indirect access assault. The continuous boost of against infection programming would gain astounding ground. Progressive ar- ranging and warning of assailants will best work. What's more, making it incomprehensible for an assailant to get criticism about passwords and passphrases by really making confused passwords and devastating undesirable data. Existing study areas in the current energy sector As of late, IT neglected to react to the difficulties looked by existing force stations in the vitality business. This is on the grounds that the utilization of
the control framework is in huge, confused and hazardous frameworks and hardware care. The guard of force plants against dangerous aims re- quires proactive advances, and damages that may happen because of the abuse of the outcomes might be extreme for shoppers and the associa- tion itself. Because of the slumped back up because of broken transformers and hurt turbines reliable improvement could be hampered. Where the interference position response fails to work is the most obviously terrible. Applications and intercessions with no peril have been assembled and give more prominent assurance. Measures include: Turbines vendor monitoring Turbines are gadgets utilized in power age. This relies upon the utilization of gas turbines, wind turbines, water and steam Turbines to set up con- trols. They modify. Consistent advances taken to stay away from disappointment with routine support (Günter, 2019). Failing may be expensive and could require purchasing another, likewise exorbitant turbine. Merchants work remote in the breaks down and minds turbines nowadays, utilizing firewalls and VPN and numerous different firewalls, especially over the most recent five years, have become another uncontrolled danger. A gathering of aggressors who are expertly researched, striking an association and explicit goals genuinely for a long time, on a full-time premise, are frequently adding to a focus on hacks. 1 1
4/19/2020 Originality Report https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport/ultra?attemptId=c0f154fe- 8a27-40ba-9a3a-2a2760960086&course_id=_… 3/6 Aggressors have now built up an approach to battle the exchange off segments that outperform antivirus, security updates, firewalls and encodes and have later become a dynamic hazard. The wellbeing of nowadays is by framework arranging. Attackers can interface with focused areas remote- ly, utilizing the circuitous association edge to debilitate the framework during the ambush course of action. It is in the circumstance of holding, oblit- erating and decimating turbines connected to the perception and the last position. The misfortune may even be cataclysmic or even mass pulveriza- tion. Protecting relays and safety networks Nowadays has prompted improved and significant level assaults because of expanded imagination and driven IT learning. In the vitality segment, be that as it may, framework security has gotten a handle on new, productive development that can be depended on for good and reliable conditions. Sophos UMT built up a program to help the worth requested on climb for security endeavors. As I have appeared, UMT is the biggest in its group, as it can perceive and wipe out the peril of signs and signs distinguished as dark as it depends on how neurons separate among improvement and re- sponse (Bevan, Mitanni and Watanabe, 2013). Indeed, even before the framework is arranged, the speed at which it works is
a proper instrument in the recognizable proof and interest with the threat quicker. The reasons I advocate for Sophos UMT is that they are staggeringly suitable and are probably not going to be short, they're anything but difficult to utilize and they're extremely great. In its utilization, it isn't terrific, and for all intents and purposes all delegates can consequently be utilized to battle the threat. Control Center Communications An observing point of convergence for acknowledgment and dispersal of information is principally the central station. For accepting information, preparing and dispersing it to significant divisions rapidly, the correspondence accentuation is fit to grasp an activity very rapidly. Advantages might be instigated even before the sign or signs have been moved to the home office to produce results as there is postponed consciousness of a risk. At the point when outfitted with current development, the control accentuation is simpler, productive, sheltered and fast, to accomplish wanted work results. Along these lines, prepared and talented specialists are fundamental all together for the examination to progress likewise. Cyber-secu- rity Implementation A set of 10 fundamental architecture and operational concepts secure the national infrastructure. Using these ten principles as a guideline to strengthen the current infrastructure elements or to create new ones, like an abbreviated danger from botnets, for appropriate safety findings. [1]. The structures of national cyber-security practice are: i. Deception; ii. Separation; iii. Diversity; iv. Commonality; v. Depth; vi. Discretion; vii. Collection;
viii. Correlation; ix. Awareness; x. Response Four specific types of security threats such as privacy, integrity, theft and availability of national infrastructures are discussed and all three cate- gories of enemies such as foreign, internal and national infrastructures suppliers are also addressed, plus the three points of exploitation. I would like strongly to concentrate on the following two security concepts that can be applicable to Energy A, the deception and collection security policies. These principles are very important as they are basically building blocks for understanding the management of information security programs. Energy companies around the world are making an enormous effort to use advanced deception technologies to extend their current cyber safety approaches so as to better safeguard their networks and critical data. The information management also assumed, in case of vulnerability and inad- equate detection, that the current firewall and security protection systems had an ability to report. The collection security policy on the other hand proposes that an infrastructure protection scheme may be designed by collecting audit log information but provides safety, scope, and size problems that are not found in smaller device and network settings. National protection of infrastructure would also require an appropriate data collection system and would provide the required level of proof for the analysis of security. Relevance of the security policies in the energy sec- tor Collection
In the PC security populace as security information and event management (SIEM), the way toward incorporating framework information from a wide assortment of establishments to ensure the framework is depicted. The apparatus is utilized basically in the Center. The instrument aggregates security occasions from many system sources, screens exercises for explicit arrangement and diminishes episodes, with the goal that malignant ex- ercises are identified progressively. It utilizes the fundamental contributions from different safety gadgets and sensors, with satisfactory security frameworks, for example, organize firewalls and interruption counteraction framework, firewalls and verification frameworks for web applications and system sensors. 1 1 3 1 4 4 This is especially helpful on account of Energy A, where the information comes nearer from different system sources and wishes to give a solid in- strument to follow and break down vindictive exercises continuously. Deception
A protective strategy by the use of these technologies in cyber security systems decreases risk for each successful layer of defense and merges with a hybrid combination of defensive and offensive measures, so as to achieve the greatest degree of protection against infringements. A mixture of dragging, code and data disappointments, bait endpoints to identify and remove these conflicts from the device will fulfill this procedure. In this process, a solution to the frustration system provides all energy companies the resources required to preserve the active wall, provide firm support for the identification of threats in the network and retains high responsiveness. The Deception Platform offers an insight into errors, early detec- tions, warnings and emancipates these capacities for retaining and preserving confidential data across the energy sector. Implementation of the security principle Security Information and Event Management (SIEM) frameworks gather safety information from around the association, likewise help the faculties of security groups, react to security occurrences as well as produce security-related implementation and administrative reports. Since SIEM is a sig- nificant safety framework that approaches information from over the world, there are different instances of SIEM uses that can be utilized to per- ceive how information can be utilized in Energy A business. [2]. Consistence: We will attempt to evaluate and choose whether we can uphold a thor- ough Energy A consistence idea by managing PCI DSS, GDPR, HIPAA and SOX. Threats to insiders: We will lessen dangers from reliable sources by methods for SIEM. Presently, in Energy A we will try to uphold
these practices to dodge these dangers. We will likewise decide if somebody endeav- ors to penetrate right of access or if a reliable host and association has been settled upon. Advanced security: They likewise look to investigate whether the rich information assortment for risk discovery, information exfiltration and IoT security can give propelled guard against dangers to se- curity. On the off chance that you take a gander at breaking down current security issues with meanings of data innovation, the huge number of 1 4/19/2020 Originality Report https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport/ultra?attemptId=c0f154 fe- 8a27-40ba-9a3a-2a2760960086&course_id=_… 4/6 clients are as yet disappointed to make sure about the vitality framework before sunlight. Specific framework: we would assume that a portion of the parts of the vitality segment basically contain these duplicity traps and others, and while executing these foundation groups are as yet thinking about basic security frameworks standards. The discoveries depend on these suppositions: Selective foundation: The entire hypothesis isn't the fit- ting method to trap, yet the guideline of disappointment should likewise comprehend that all the ideas don't go as expected. Share the outcomes and perceptions: the guideline of sharing perceptions and results through operational snare ought to be remembered for these
trickery programs. Challenges in implementation of the mentioned security principles respectively The exploration from the association with the vision for a traditional SIEM is a long way from open in contrast with surveillance cameras. The execu- tion of SIEM is excessively perplexing. It's anything but a significant assignment to gather the fitting data, to combine this information, to regularize and relate different advancements. SIEM's exquisite. The premium for SIEM licenses is more prominent and a state of source. With the end goal for organizations to structure, plan and execute incorporation, change feeds of information and calendar importations into every single outer datum sources, they should likewise consider recruiting extravagance experts and engineers. SIEM needs greater sending time. The greater part of the as- sociations, with a feeling of profound direness, consented to join a SIEM. Even up to now, SIEM isn't an effectively open cloud gadget. Contingent upon the reasons under which about hardly any associations in the cloud follow a procedure, the data center and open cloud like Amazon's EC2/some other supplier can be successfully joined with properties [3]. The principles of deception will experience three huge strides so as to arrive at the resolutions. Good make-conviction and alluring. Should the assaulting surfaces be fixed. Must be compact, simple to peruse and run. Discus- sion A fundamental structure and tasks rule is the proposed technique to ensure the vitality division. The recommendations are that the safety result, in-
cluding a decreased risk from botnets, is gainful if such criteria are utilized as a rule to build up the present framework parts or to develop another framework segment. The method gives all types of vitality safety attacks. It additionally controls all opponents, and even the vitality division abuse focuses. So as to upgrade correspondence and trade of data between partners, the utility matrix of things to come originates from the association of innovation, money and directed turn of events. In spite of the fact that these rising developments will invigorate maturing vitality framework, Directors and controllers are progressively stressed over the subsequent hints of cyber security. The interconnection of certain benefits through keen gadgets, just as the quantity of twofold route streams between utilities, supplier and clients is associated with most of ongoing digital security dangers looked by brilliant frameworks. Large force firms who are liable for securing billions of dollars into their own properties make some hard memories remaining in an advanced domain where urban programmers rapidly and routinely increment their own assets and advances. Distinctive danger on-screen characters make new open doors for correspondence with framework systems with the expanding digitalization of the matrix. Suppliers can maintain a strategic distance from hurt by taking great cleanliness care, for example, get to control, fixing and defends. Bigger dread is guilty parties like presumes who are compromised. Hoodlums effectively improve their ability and information, as an apparatus for bringing in cash is anything but difficult to track down. Information security and protection influence foundation, yet when
wrongdoers approach pain free income, they have loosened up objectives. A hack that trig- gers all or part of the force matrix is the most straightforward digital peril for utilities and networks. This danger comes basically from local enter- tainers. The lattice can be determined as the biggest man-made gadget ever, the entire structure is associated and should work under certain cutoff points to stay away from the irregularity or even dodge segments of the framework. Lattice administrators must ensure that programmers can't dis- turb the framework foundation and that new innovation is securely applied to the matrix. My vision is that by the day's end the count will be se- cured by utilizing Energy A. I accept that when they are on the web or convey or utilizing associated applications, clients need a general comprehen- sion about security dangers. In ongoing conversations in regards to Facebook and different locales, and digital wrongdoing, everybody ought to know about issues of security and information abuse. To the cutting edge individual, general information about insurance and qualities are key. Keen matrix issues have little association with this and ought to be tended to at the national level. The paper offers a major preferred position with the idea driving the utilization of SIEM and deception innovations to build up the vitality area. Being careful about how projects have picked up the option to trust that enactment and changes will be upheld. It is unquestionably not what regular and preservationist industry expects but rather it can absolutely show how imagination can be moved forward [4]. As other industries, a successful cyber-attack on the energy supplier will hamper the productivity of companies. Nonetheless, it will impact
public health and well-being as well. Conclusion From yield as far as possible of the client's activity, the whole paper takes a gander at the difficulties that the vitality segment faces. Aggressors have endeavored to imperil the redirection consistently, while the IT division has refreshed its items to battle the impact of assailants what's more. De- spite huge impedance harm and extreme harms, the courses of action for programmers to get to mother gadgets and bargain all information ought to be continually re-structured and screened. An assailant on productive assaults will imperil cyber security benchmarks, for example, deception, collection and discretion. References Mukherjee, Sourav. (2019). Implementing Cybersecurity in the Energy Sector. 10.6084/m9.figshare.9728051. Barichella, Arnault (2018). Cy- ber-security in the Energy Sector: a Comparative Analysis between Europe and the United States (INIS-FR--18-0757). France Deception Technology for the Energy Sector - Attivo Networks. (2019). Retrieved 19 August 2019, from https://attivonetworks.com/solu- tions/energy/ Rahman, Md Shihan, et al. "Multi-agent approach for enhancing security of protection schemes in cyber-physical energy systems." IEEE transactions on industrial informatics13.2 (2017): 436-447. Amoroso, E. (2013). Cyber attacks. Amsterdam: Elsevier. Bevrani, H., Mitani, Y., & Watanabe, M. (2014). Power System Monitoring and Control. Hoboken, NJ: John Wiley & Sons. [1] Amoroso, E. (2012).
Cyber attacks: protecting national infrastructure. Elsevier. ISBN: 978- 0123918550 [2] The essential Guide to SIEM. Retrieved from https://www.exabeam.com/siemguide/siem-use-cases/ [3] Barraco, Lauren (2014). Top 5 Problems with Traditional SIEM (Infographic). Re- trieved from https://www.alienvault.com/blogs/security- essentials/top-5-problems with-traditional-siem-infographic [4] Chester, Matt (2019). Cyber Security Attacks and Forecasting Future Threats to the Utility Industry: Exclusive Interview with Anjos Nijk of ENCS. Retrieved from https://www.energycentral.com/c/iu/cyber-security-attacks-and- forecasting-future threats-utility-industry-exclusive 1 5 1 1 1 1 1 4 4 4 5 4 4/19/2020 Originality Report https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport/ultra?attemptId=c0f154fe- 8a27-40ba-9a3a-2a2760960086&course_id=_… 5/6 Source Matches (25)
Student paper 94% Student paper 74% Student paper 100% Student paper 66% Student paper 72% Student paper 63% Student paper 77% Student paper 100% worldwidescience 68% Student paper 77% Student paper 62% Student paper 75% Student paper 66% 15 1 Student paper Implementing cybersecurity in the energy sector 15 Implementing Cy- bersecurity in the Energy Sector
Original source Implementing Cybersecurity in the Energy Sector Implementing Cyber- security in the Energy Sector 2 Student paper Emerging Threats & Countermeasures Original source ITS 834 – Emerging threats and Countermeasures 1 Student paper University of the Cumberlands Original source University of the Cumberlands 1 Student paper With that being said, these have risen in the energy sector over the past few years, according to the
study of the global state of informa- tion and security. For example, 7 391 cyber-attack instances were record- ed in 2014 and a total loss of $1.2 billion from all-out assaults. Original source According to the survey of the Global State of Information and security, the cyberattacks are increased in the energy sector in the last few years For instance, in 2014, 7,391 exam- ples of cyber assaults were account- ed for and an all-out loss of the at- tacks totaled to $1.2 billion 1 Student paper Existing study areas in the current energy sector Original source Existing study areas in the energy industry 1 Student paper A gathering of aggressors who are expertly researched, striking an as- sociation and explicit goals genuine-
ly for a long time, on a full-time premise, are frequently adding to a focus on hacks. Original source A focused on hacks are led for the most part by a gathering of attackers who are expertly reviewed … ITS 834 Emerging Threats and Countermeasures Total points - 100 Final Research Case Analysis The paper is due on end of day Sunday April 19,2020 Topic: Implementing Cybersecurity in the Energy Sector Imagine you have been hired as a security consultant for EnergyA which is an electric utility company based in the USA. The company has several locations in the U.S and is responsible for supplying a large portion of electricity for the southeastern region in the U.S. You have been charged with overseeing the implementation of cybersecurity best
practices for EnergyA. In this course, you examined 10 design and security principles (Deception, Separation, Diversity, Commonality, Depth, Discretion, Collection, Correlation, Awareness, Response) in the context of national and critical infrastructure protection. Identify any two security principles from the 10 we learned and evaluate and discuss how it can be applied to EnergyA. Your case analysis needs to minimally address the following sector identify its relevance in the energy sector implemented implementing it with the topic and future
implications of cybersecurity in the energy sector Your research paper should be minimally 10 pages (double space, Font - Georgia with font size 12). The research paper needs cite at least 5 peer reviewed journal/book references. The bibliography should be included as a separate page and is not part of the 10 page requirement. Student assignments will be run through Safe Assignment. Please ensure to check the safe assignment result prior to submitting. You will have the chance to submit your assignment up to two times. So please submit earlier than the due date so you can check your safe assign score. You need to check your safe assign report to ensure there is no instance of academic integrity violations. Please refer to this link for information on the academic integrity policy at
the university https://cumberland.smartcatalogiq.com/en/2017- 2018/2017-2018-Undergraduate- Catalog/Academic-Affairs/Academic-Integrity-Policy Please ensure to review the policy. If there are instances of academic integrity policy violations in your paper, you will not receive a grade for the assignment and will be referred to the department. The university of Cumberland library can be assessed at https://www.ucumberlands.edu/library The research paper should include the following components. content of your paper, limited to 200-350 words) -2 pages, relevance of cybersecurity in the energy sector) -4 pages, describes the research papers that you find in reference to the topic of cybersecurity in the energy sector)’ on (2-4 pages, Why you are focusing on the two
specific security principles; For each security principle, identify its relevance in the energy sector; For each security principle, identify how the principle can be implemented; For each security principle, identify challenges presented in implementing it) -3 pages) – (Your perspectives on the topic, try to connect the security principles identified together; discuss future implications of cybersecurity in the energy sector) Conclusion (1-2 paragraphs, This provides a final summary of your research paper) The following rubric will be used to grade your assessment Evaluation Parameters Percentage Weight Did the student respond to the research topic 20 Did the student conduct sufficient literature review of the topic 20
Did the student provide relevant examples to support viewpoints 20 Did the student meet the content requirements of the assignment and discuss the key points identified in the question 20 Did the student provide a critical perspective on the topic 10 Did the student create a professional, well-developed report with proper grammar, spelling, punctuation and APA formatting 10 Total 100% https://cumberland.smartcatalogiq.com/en/2017-2018/2017- 2018-Undergraduate-Catalog/Academic-Affairs/Academic- Integrity-Policy https://cumberland.smartcatalogiq.com/en/2017-2018/2017- 2018-Undergraduate-Catalog/Academic-Affairs/Academic- Integrity-Policy https://www.ucumberlands.edu/library Please refer to the following for APA guidelines https://owl.purdue.edu/owl/research_and_citation/apa_style/apa
_formatting_and_st yle_guide/general_format.html https://owl.purdue.edu/owl/research_and_citation/apa_style/apa _formatting_and_style_guide/general_format.html https://owl.purdue.edu/owl/research_and_citation/apa_style/apa _formatting_and_style_guide/general_format.html

Recommended

Discuss three (3) ways that large organizations are increasingly eng.docx
Discuss three (3) ways that large organizations are increasingly eng.docxDiscuss three (3) ways that large organizations are increasingly eng.docx
Discuss three (3) ways that large organizations are increasingly eng.docx
rhetttrevannion
 
Discuss this week’s objectives with your team sharing related rese.docx
Discuss this week’s objectives with your team sharing related rese.docxDiscuss this week’s objectives with your team sharing related rese.docx
Discuss this week’s objectives with your team sharing related rese.docx
rhetttrevannion
 
Discuss theoretical considerations or assumptions relevant to yo.docx
Discuss theoretical considerations or assumptions relevant to yo.docxDiscuss theoretical considerations or assumptions relevant to yo.docx
Discuss theoretical considerations or assumptions relevant to yo.docx
rhetttrevannion
 
Discuss theprinciple events of PROCESS AND THREAD used in both t.docx
Discuss theprinciple events of PROCESS AND THREAD used in both t.docxDiscuss theprinciple events of PROCESS AND THREAD used in both t.docx
Discuss theprinciple events of PROCESS AND THREAD used in both t.docx
rhetttrevannion
 
Discuss the Windows Registry System Hive1) What information.docx
Discuss the Windows Registry System Hive1) What information.docxDiscuss the Windows Registry System Hive1) What information.docx
Discuss the Windows Registry System Hive1) What information.docx
rhetttrevannion
 
Discuss the way the idea of heroism develops from Gilgamesh th.docx
Discuss the way the idea of heroism develops from Gilgamesh th.docxDiscuss the way the idea of heroism develops from Gilgamesh th.docx
Discuss the way the idea of heroism develops from Gilgamesh th.docx
rhetttrevannion
 
Discuss the ways in which the history of the U.S. was presented in t.docx
Discuss the ways in which the history of the U.S. was presented in t.docxDiscuss the ways in which the history of the U.S. was presented in t.docx
Discuss the ways in which the history of the U.S. was presented in t.docx
rhetttrevannion
 
Discuss the value of Lean Systems Engineering to systems develop.docx
Discuss the value of Lean Systems Engineering to systems develop.docxDiscuss the value of Lean Systems Engineering to systems develop.docx
Discuss the value of Lean Systems Engineering to systems develop.docx
rhetttrevannion
 

Recommended

Discuss three (3) ways that large organizations are increasingly eng.docx
Discuss three (3) ways that large organizations are increasingly eng.docxDiscuss three (3) ways that large organizations are increasingly eng.docx
Discuss three (3) ways that large organizations are increasingly eng.docx
rhetttrevannion
 
Discuss this week’s objectives with your team sharing related rese.docx
Discuss this week’s objectives with your team sharing related rese.docxDiscuss this week’s objectives with your team sharing related rese.docx
Discuss this week’s objectives with your team sharing related rese.docx
rhetttrevannion
 
Discuss theoretical considerations or assumptions relevant to yo.docx
Discuss theoretical considerations or assumptions relevant to yo.docxDiscuss theoretical considerations or assumptions relevant to yo.docx
Discuss theoretical considerations or assumptions relevant to yo.docx
rhetttrevannion
 
Discuss theprinciple events of PROCESS AND THREAD used in both t.docx
Discuss theprinciple events of PROCESS AND THREAD used in both t.docxDiscuss theprinciple events of PROCESS AND THREAD used in both t.docx
Discuss theprinciple events of PROCESS AND THREAD used in both t.docx
rhetttrevannion
 
Discuss the Windows Registry System Hive1) What information.docx
Discuss the Windows Registry System Hive1) What information.docxDiscuss the Windows Registry System Hive1) What information.docx
Discuss the Windows Registry System Hive1) What information.docx
rhetttrevannion
 
Discuss the way the idea of heroism develops from Gilgamesh th.docx
Discuss the way the idea of heroism develops from Gilgamesh th.docxDiscuss the way the idea of heroism develops from Gilgamesh th.docx
Discuss the way the idea of heroism develops from Gilgamesh th.docx
rhetttrevannion
 
Discuss the ways in which the history of the U.S. was presented in t.docx
Discuss the ways in which the history of the U.S. was presented in t.docxDiscuss the ways in which the history of the U.S. was presented in t.docx
Discuss the ways in which the history of the U.S. was presented in t.docx
rhetttrevannion
 
Discuss the value of Lean Systems Engineering to systems develop.docx
Discuss the value of Lean Systems Engineering to systems develop.docxDiscuss the value of Lean Systems Engineering to systems develop.docx
Discuss the value of Lean Systems Engineering to systems develop.docx
rhetttrevannion
 
discuss the various pathways interest groups use to influence politi.docx
discuss the various pathways interest groups use to influence politi.docxdiscuss the various pathways interest groups use to influence politi.docx
discuss the various pathways interest groups use to influence politi.docx
rhetttrevannion
 
Discuss the various tools and techniques used by an HCO to incre.docx
Discuss the various tools and techniques used by an HCO to incre.docxDiscuss the various tools and techniques used by an HCO to incre.docx
Discuss the various tools and techniques used by an HCO to incre.docx
rhetttrevannion
 
Discuss the various means by which slaves resisted the slave system..docx
Discuss the various means by which slaves resisted the slave system..docxDiscuss the various means by which slaves resisted the slave system..docx
Discuss the various means by which slaves resisted the slave system..docx
rhetttrevannion
 
Discuss the typica l clinical presentation of the diagnosis , Hip Os.docx
Discuss the typica l clinical presentation of the diagnosis , Hip Os.docxDiscuss the typica l clinical presentation of the diagnosis , Hip Os.docx
Discuss the typica l clinical presentation of the diagnosis , Hip Os.docx
rhetttrevannion
 
Discuss the types of resources, tools, and methods that are availabl.docx
Discuss the types of resources, tools, and methods that are availabl.docxDiscuss the types of resources, tools, and methods that are availabl.docx
Discuss the types of resources, tools, and methods that are availabl.docx
rhetttrevannion
 
Discuss the types of items that should be examined in a firewall log.docx
Discuss the types of items that should be examined in a firewall log.docxDiscuss the types of items that should be examined in a firewall log.docx
Discuss the types of items that should be examined in a firewall log.docx
rhetttrevannion
 
Discuss the types of property, providing an example of each an.docx
Discuss the types of property, providing an example of each an.docxDiscuss the types of property, providing an example of each an.docx
Discuss the types of property, providing an example of each an.docx
rhetttrevannion
 
Discuss the type of personality it takes to become a police officer..docx
Discuss the type of personality it takes to become a police officer..docxDiscuss the type of personality it takes to become a police officer..docx
Discuss the type of personality it takes to become a police officer..docx
rhetttrevannion
 
Discuss the two major sources of crime statistics for the United Sta.docx
Discuss the two major sources of crime statistics for the United Sta.docxDiscuss the two major sources of crime statistics for the United Sta.docx
Discuss the two major sources of crime statistics for the United Sta.docx
rhetttrevannion
 
Discuss the two most prominent theories related to the stage of adul.docx
Discuss the two most prominent theories related to the stage of adul.docxDiscuss the two most prominent theories related to the stage of adul.docx
Discuss the two most prominent theories related to the stage of adul.docx
rhetttrevannion
 
Discuss the two elements required for the consent defense. In ad.docx
Discuss the two elements required for the consent defense. In ad.docxDiscuss the two elements required for the consent defense. In ad.docx
Discuss the two elements required for the consent defense. In ad.docx
rhetttrevannion
 
Discuss the Truth in Lending Act and what role it places in financia.docx
Discuss the Truth in Lending Act and what role it places in financia.docxDiscuss the Truth in Lending Act and what role it places in financia.docx
Discuss the Truth in Lending Act and what role it places in financia.docx
rhetttrevannion
 
Discuss the traits, behaviors, and leadership style you would expect.docx
Discuss the traits, behaviors, and leadership style you would expect.docxDiscuss the traits, behaviors, and leadership style you would expect.docx
Discuss the traits, behaviors, and leadership style you would expect.docx
rhetttrevannion
 
Discuss the three main forces that have been responsible for hospita.docx
Discuss the three main forces that have been responsible for hospita.docxDiscuss the three main forces that have been responsible for hospita.docx
Discuss the three main forces that have been responsible for hospita.docx
rhetttrevannion
 
Discuss the threats and vulnerabilities to Access Control and what b.docx
Discuss the threats and vulnerabilities to Access Control and what b.docxDiscuss the threats and vulnerabilities to Access Control and what b.docx
Discuss the threats and vulnerabilities to Access Control and what b.docx
rhetttrevannion
 
Discuss the theories of the origin of Black English discussed by McW.docx
Discuss the theories of the origin of Black English discussed by McW.docxDiscuss the theories of the origin of Black English discussed by McW.docx
Discuss the theories of the origin of Black English discussed by McW.docx
rhetttrevannion
 
Discuss the the threats and vulnerabilities to Access Control and wh.docx
Discuss the the threats and vulnerabilities to Access Control and wh.docxDiscuss the the threats and vulnerabilities to Access Control and wh.docx
Discuss the the threats and vulnerabilities to Access Control and wh.docx
rhetttrevannion
 
Discuss the strengths and weaknesses of using K-Means clustering .docx
Discuss the strengths and weaknesses of using K-Means clustering .docxDiscuss the strengths and weaknesses of using K-Means clustering .docx
Discuss the strengths and weaknesses of using K-Means clustering .docx
rhetttrevannion
 
Discuss the sociological theories of aging disengagement.docx
Discuss the sociological theories of aging disengagement.docxDiscuss the sociological theories of aging disengagement.docx
Discuss the sociological theories of aging disengagement.docx
rhetttrevannion
 
Discuss the source of the legitimacy problem associated with earthl.docx
Discuss the source of the legitimacy problem associated with earthl.docxDiscuss the source of the legitimacy problem associated with earthl.docx
Discuss the source of the legitimacy problem associated with earthl.docx
rhetttrevannion
 

More Related Content

More from rhetttrevannion

Discuss the source of the legitimacy problem associated with earthl.docx
Discuss the source of the legitimacy problem associated with earthl.docxDiscuss the source of the legitimacy problem associated with earthl.docx
Discuss the source of the legitimacy problem associated with earthl.docx
rhetttrevannion
 

More from rhetttrevannion (20)

discuss the various pathways interest groups use to influence politi.docx
discuss the various pathways interest groups use to influence politi.docxdiscuss the various pathways interest groups use to influence politi.docx
discuss the various pathways interest groups use to influence politi.docx
 
Discuss the various tools and techniques used by an HCO to incre.docx
Discuss the various tools and techniques used by an HCO to incre.docxDiscuss the various tools and techniques used by an HCO to incre.docx
Discuss the various tools and techniques used by an HCO to incre.docx
 
Discuss the various means by which slaves resisted the slave system..docx
Discuss the various means by which slaves resisted the slave system..docxDiscuss the various means by which slaves resisted the slave system..docx
Discuss the various means by which slaves resisted the slave system..docx
 
Discuss the typica l clinical presentation of the diagnosis , Hip Os.docx
Discuss the typica l clinical presentation of the diagnosis , Hip Os.docxDiscuss the typica l clinical presentation of the diagnosis , Hip Os.docx
Discuss the typica l clinical presentation of the diagnosis , Hip Os.docx
 
Discuss the types of resources, tools, and methods that are availabl.docx
Discuss the types of resources, tools, and methods that are availabl.docxDiscuss the types of resources, tools, and methods that are availabl.docx
Discuss the types of resources, tools, and methods that are availabl.docx
 
Discuss the types of items that should be examined in a firewall log.docx
Discuss the types of items that should be examined in a firewall log.docxDiscuss the types of items that should be examined in a firewall log.docx
Discuss the types of items that should be examined in a firewall log.docx
 
Discuss the types of property, providing an example of each an.docx
Discuss the types of property, providing an example of each an.docxDiscuss the types of property, providing an example of each an.docx
Discuss the types of property, providing an example of each an.docx
 
Discuss the type of personality it takes to become a police officer..docx
Discuss the type of personality it takes to become a police officer..docxDiscuss the type of personality it takes to become a police officer..docx
Discuss the type of personality it takes to become a police officer..docx
 
Discuss the two major sources of crime statistics for the United Sta.docx
Discuss the two major sources of crime statistics for the United Sta.docxDiscuss the two major sources of crime statistics for the United Sta.docx
Discuss the two major sources of crime statistics for the United Sta.docx
 
Discuss the two most prominent theories related to the stage of adul.docx
Discuss the two most prominent theories related to the stage of adul.docxDiscuss the two most prominent theories related to the stage of adul.docx
Discuss the two most prominent theories related to the stage of adul.docx
 
Discuss the two elements required for the consent defense. In ad.docx
Discuss the two elements required for the consent defense. In ad.docxDiscuss the two elements required for the consent defense. In ad.docx
Discuss the two elements required for the consent defense. In ad.docx
 
Discuss the Truth in Lending Act and what role it places in financia.docx
Discuss the Truth in Lending Act and what role it places in financia.docxDiscuss the Truth in Lending Act and what role it places in financia.docx
Discuss the Truth in Lending Act and what role it places in financia.docx
 
Discuss the traits, behaviors, and leadership style you would expect.docx
Discuss the traits, behaviors, and leadership style you would expect.docxDiscuss the traits, behaviors, and leadership style you would expect.docx
Discuss the traits, behaviors, and leadership style you would expect.docx
 
Discuss the three main forces that have been responsible for hospita.docx
Discuss the three main forces that have been responsible for hospita.docxDiscuss the three main forces that have been responsible for hospita.docx
Discuss the three main forces that have been responsible for hospita.docx
 
Discuss the threats and vulnerabilities to Access Control and what b.docx
Discuss the threats and vulnerabilities to Access Control and what b.docxDiscuss the threats and vulnerabilities to Access Control and what b.docx
Discuss the threats and vulnerabilities to Access Control and what b.docx
 
Discuss the theories of the origin of Black English discussed by McW.docx
Discuss the theories of the origin of Black English discussed by McW.docxDiscuss the theories of the origin of Black English discussed by McW.docx
Discuss the theories of the origin of Black English discussed by McW.docx
 
Discuss the the threats and vulnerabilities to Access Control and wh.docx
Discuss the the threats and vulnerabilities to Access Control and wh.docxDiscuss the the threats and vulnerabilities to Access Control and wh.docx
Discuss the the threats and vulnerabilities to Access Control and wh.docx
 
Discuss the strengths and weaknesses of using K-Means clustering .docx
Discuss the strengths and weaknesses of using K-Means clustering .docxDiscuss the strengths and weaknesses of using K-Means clustering .docx
Discuss the strengths and weaknesses of using K-Means clustering .docx
 
Discuss the sociological theories of aging disengagement.docx
Discuss the sociological theories of aging disengagement.docxDiscuss the sociological theories of aging disengagement.docx
Discuss the sociological theories of aging disengagement.docx
 
Discuss the source of the legitimacy problem associated with earthl.docx
Discuss the source of the legitimacy problem associated with earthl.docxDiscuss the source of the legitimacy problem associated with earthl.docx
Discuss the source of the legitimacy problem associated with earthl.docx
 

4192020 Originality Reporthttpsucumberlands.blackboar

  • 1. 4/19/2020 Originality Report https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport/ultra?attemptId=c0f154fe- 8a27-40ba-9a3a-2a2760960086&course_id=_… 1/6 %18 %0 SafeAssign Originality Report Spring 2020 - Emerging Threats & Countermeas (ITS-… • Final case analysis paper %18Total Score: Medium risk Bharat C. Submission UUID: d5b48439-fd48-c395-c4b4-d8c15855a274 Total Number of Reports 1 Highest Match 18 % Case Analysis - Final Paper.… Average Match 18 % Submitted on
  • 2. 04/19/20 03:05 PM CDT Average Word Count 3,894 Highest: Case Analysis - Fin… %18Attachment 1 Institutional database (4) Student paper Student paper Student paper Student paper Internet (1) worldwidescience Top sources (3) Excluded sources (0) View Originality Report - Old Design Word Count: 3,894 Case Analysis - Final Paper.docx 1 4 5 2 3 1 Student paper 4 Student paper 5 Student paper
  • 3. Implementing cybersecurity in the energy sector 15 Implementing Cybersecurity in the Energy Sector ITS-834: Emerging Threats & Countermeasures University of the Cumberlands Dr. Sherly Abraham April 15, 2020 Abstract Cyber security is essential in every organization to protect and recover from any form of cyber-attack system, data, network or program. It matters in the energy sector because the energy market is mainly dominated by private firms, both aggressive because crooks attack their devices. Further- more, this subject is usually seen as an unnecessary subject on the agenda of the Board meeting unless something goes wrong and is too delayed by that time. Many major corporations have hovered over this topic but their research is trapped in a black box, because of their lack of technologi- cal expertise and related information about this cyber environment. In the 21st century, cyber security advanced especially to authoritarian and commercial states to very abnormal ones. Cyber-attacks are probably the most frightening kind of attacks to organizations, with the risk that sensi- tive information is lost or abused. With that being said, these have risen in the energy sector over the past few years, according to the study of
  • 4. the global state of information and security. For example, 7 391 cyber-attack instances were recorded in 2014 and a total loss of $1.2 billion from all- out assaults. Since cyber-attacks in the energy sector have increased, many organizations have taken action to ensure that their information is pro- tected against these attacks. Moreover, energy companies are a decisive target since essential goods and services are provided. The threats are high, but there is no question that this risk is generally measured before a major attack occurs. The energy sector and the utilities sector are a key 1 2 1 1 https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport?attemptId=c0f154fe-8a27- 40ba-9a3a- 2a2760960086&course_id=_114042_1&download=true&include Deleted=true&print=true&force=true 4/19/2020 Originality Report https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport/ultra?attemptId=c0f154fe- 8a27-40ba-9a3a-2a2760960086&course_id=_… 2/6 g , q g y j gy y component of critical national infrastructure which makes it a
  • 5. costly target for state or non-state actors to gain or cause disruption or disturbance for the military and political leaders. A national grid would have had a surprising consequence of being able to disrupt remotely. The security of the grid against cyber-attack is therefore an integral component of ensuring energy health. This paper includes the fundamental security and value of these rules in the energy sector in protecting their information, implementing the principles and facing challenges in the application and practice of these principles. Introduction The energy sector today is increasingly digitalized, with new surfaces being targeted by attackers. The advent of intelligent grids and intelligent de- vices has made the industry an enticing target. And indeed, cyber criminals found it. Other than this, the growth of the digitalization of energy ser- vices has brought in many economic benefits, including greater energy efficiency. Various monetary advantages have also been picked up in the cy- ber security advertise, which remembers more noteworthy viability for assurance of vitality use. The dangers are genuine and develop as a result of digital assaults by malevolent programming focusing on fundamental foundation, so the weakness isn't constrained to the framework. In order to adapt to this, a change of vitality approaches and guidelines will be set up to secure the vitality framework against digital assaults. It must be accom- plished in the particular sections of power, which have influential quality, with extensive and point by point direction. Such security activities will cover a wide scope of issues, giving the vitality division a major jump forward. This instrument permits you to decide
  • 6. sustainable power source sup- ply, guaranteeing that power frameworks are at the degree of the circulation rates. It is the mutual limit that reinforces the vitality portion frame- work that fills in as a manual for fortify any insufficiencies. Vitality associations ought to guarantee that their data is ensured by actualizing the prop- er measures. However, keeping all of this in mind, we cannot ignore how the digitalization has increased the possibility of cyber-attacks, where mali- cious software can use rising energy digitalization to its advantage. In its last World Energy Congress report, the World Energy Commission notes that a significant rise has taken place in recent years in the number of active cyber-attacks, and fears that those in the industry might not be pre- pared to deal with new and emerging threatened issues. Vitality utilities will normally observe digital as a basic danger to organizations, along these lines developing mindfulness and creating viable procedures for mechanical and human digital obstruction. A famous cyber security technique will assist with distinguishing key parts of digital hazard the board and perceive frameworks that are at all expense at serious risk. Therefore it is manda- tory that defenders take a variety of steps to reduce risk and help protect their properties. Others may be known as simple hygiene while others might not need to detect and recognize sophisticated attackers who want to jeopardize human health, continuity of service, or economic stability. This paper wishes to shed light upon the relevance of cyber - security in the energy sector, the researches already available on cyber-security prac- tices in the energy sector, the two vital security policies which
  • 7. can be useful in order to lessen the risks of cyber-security, how these can be imple- mented as well as the risks involved in implementing those principles and their impacts. Literature Review The need and estimation of cyber security is developing over all parts of the economy and industry. Assailants interface with network access suppli- ers so they can channel their criminal operations and gain salary without any problem. To request to protect against illicit interferences or benefit making, the vitality segment has not been disregarded. There is no business here that can be fulfilled joyfully on the off chance that it works with a misfortune and stays here without figuring out how to test the circumstance. The Segment will be working on a misfortune and lose life, cash and damage to the whole structure because of boundaries in the vitality segment from generators, stores, supply lines or even client organization. Force plants have an obligation to guarantee unfailing, satisfactory and successful ability for the end-client, from singular necessities to legitimate require- ments. Assailants have gone into the vitality region which prompts the section to guarantee a powerful stockpile of electric stream, in this manner forestalling supply. So as to determine client concerns and safeguard client prominence, security assaults must be guaranteed force, unwavering quality and insurance. Security assaults on the vitality divi sion contact each point of view model is an unlawful change into the whole framework by utilizing savvy meters, casual evaluations of use, changed aggressor plan, the principle power slice region and dangers to the area. Assailants hack reasonable applications, power framework ambushes. Assailants
  • 8. may send diseases to be a Trojan stalk, or phishing them to get to the systems to forestall unfortunate behavior. Holding the intensity of turbines and full destructions is likewise conceivable is critical advancement not made. Pres- ently, Sophos UMT can be utilized all the more effectively and precisely, without signs or the banner, on account of the capacity to perceive and ex- pel risks at all stages. Sophos UMT is viewed as feasible in light of the fact that the expense is little, simple to utilize and proficient, vital for counter- ing perils. Assailants have likewise built up a Rootkit framework to assist them with adding to organize breaks when they were based on a clandes- tine premise. It alludes to illicit Computer applications used to organize extraordinary Computer get to while being covered from everybody. When recognizable proof is utilized, since the utilization of benefits is conceded to be inconceivably obfuscating, it permits software engineers to hold onto a server that produces or gives organization or even associations pay to an ever increasing extent. Through controlling vulnerabilities software engi- neers can utilize the indirect access assault. The continuous boost of against infection programming would gain astounding ground. Progressive ar- ranging and warning of assailants will best work. What's more, making it incomprehensible for an assailant to get criticism about passwords and passphrases by really making confused passwords and devastating undesirable data. Existing study areas in the current energy sector As of late, IT neglected to react to the difficulties looked by existing force stations in the vitality business. This is on the grounds that the utilization of
  • 9. the control framework is in huge, confused and hazardous frameworks and hardware care. The guard of force plants against dangerous aims re- quires proactive advances, and damages that may happen because of the abuse of the outcomes might be extreme for shoppers and the associa- tion itself. Because of the slumped back up because of broken transformers and hurt turbines reliable improvement could be hampered. Where the interference position response fails to work is the most obviously terrible. Applications and intercessions with no peril have been assembled and give more prominent assurance. Measures include: Turbines vendor monitoring Turbines are gadgets utilized in power age. This relies upon the utilization of gas turbines, wind turbines, water and steam Turbines to set up con- trols. They modify. Consistent advances taken to stay away from disappointment with routine support (Günter, 2019). Failing may be expensive and could require purchasing another, likewise exorbitant turbine. Merchants work remote in the breaks down and minds turbines nowadays, utilizing firewalls and VPN and numerous different firewalls, especially over the most recent five years, have become another uncontrolled danger. A gathering of aggressors who are expertly researched, striking an association and explicit goals genuinely for a long time, on a full-time premise, are frequently adding to a focus on hacks. 1 1
  • 10. 4/19/2020 Originality Report https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport/ultra?attemptId=c0f154fe- 8a27-40ba-9a3a-2a2760960086&course_id=_… 3/6 Aggressors have now built up an approach to battle the exchange off segments that outperform antivirus, security updates, firewalls and encodes and have later become a dynamic hazard. The wellbeing of nowadays is by framework arranging. Attackers can interface with focused areas remote- ly, utilizing the circuitous association edge to debilitate the framework during the ambush course of action. It is in the circumstance of holding, oblit- erating and decimating turbines connected to the perception and the last position. The misfortune may even be cataclysmic or even mass pulveriza- tion. Protecting relays and safety networks Nowadays has prompted improved and significant level assaults because of expanded imagination and driven IT learning. In the vitality segment, be that as it may, framework security has gotten a handle on new, productive development that can be depended on for good and reliable conditions. Sophos UMT built up a program to help the worth requested on climb for security endeavors. As I have appeared, UMT is the biggest in its group, as it can perceive and wipe out the peril of signs and signs distinguished as dark as it depends on how neurons separate among improvement and re- sponse (Bevan, Mitanni and Watanabe, 2013). Indeed, even before the framework is arranged, the speed at which it works is
  • 11. a proper instrument in the recognizable proof and interest with the threat quicker. The reasons I advocate for Sophos UMT is that they are staggeringly suitable and are probably not going to be short, they're anything but difficult to utilize and they're extremely great. In its utilization, it isn't terrific, and for all intents and purposes all delegates can consequently be utilized to battle the threat. Control Center Communications An observing point of convergence for acknowledgment and dispersal of information is principally the central station. For accepting information, preparing and dispersing it to significant divisions rapidly, the correspondence accentuation is fit to grasp an activity very rapidly. Advantages might be instigated even before the sign or signs have been moved to the home office to produce results as there is postponed consciousness of a risk. At the point when outfitted with current development, the control accentuation is simpler, productive, sheltered and fast, to accomplish wanted work results. Along these lines, prepared and talented specialists are fundamental all together for the examination to progress likewise. Cyber-secu- rity Implementation A set of 10 fundamental architecture and operational concepts secure the national infrastructure. Using these ten principles as a guideline to strengthen the current infrastructure elements or to create new ones, like an abbreviated danger from botnets, for appropriate safety findings. [1]. The structures of national cyber-security practice are: i. Deception; ii. Separation; iii. Diversity; iv. Commonality; v. Depth; vi. Discretion; vii. Collection;
  • 12. viii. Correlation; ix. Awareness; x. Response Four specific types of security threats such as privacy, integrity, theft and availability of national infrastructures are discussed and all three cate- gories of enemies such as foreign, internal and national infrastructures suppliers are also addressed, plus the three points of exploitation. I would like strongly to concentrate on the following two security concepts that can be applicable to Energy A, the deception and collection security policies. These principles are very important as they are basically building blocks for understanding the management of information security programs. Energy companies around the world are making an enormous effort to use advanced deception technologies to extend their current cyber safety approaches so as to better safeguard their networks and critical data. The information management also assumed, in case of vulnerability and inad- equate detection, that the current firewall and security protection systems had an ability to report. The collection security policy on the other hand proposes that an infrastructure protection scheme may be designed by collecting audit log information but provides safety, scope, and size problems that are not found in smaller device and network settings. National protection of infrastructure would also require an appropriate data collection system and would provide the required level of proof for the analysis of security. Relevance of the security policies in the energy sec- tor Collection
  • 13. In the PC security populace as security information and event management (SIEM), the way toward incorporating framework information from a wide assortment of establishments to ensure the framework is depicted. The apparatus is utilized basically in the Center. The instrument aggregates security occasions from many system sources, screens exercises for explicit arrangement and diminishes episodes, with the goal that malignant ex- ercises are identified progressively. It utilizes the fundamental contributions from different safety gadgets and sensors, with satisfactory security frameworks, for example, organize firewalls and interruption counteraction framework, firewalls and verification frameworks for web applications and system sensors. 1 1 3 1 4 4 This is especially helpful on account of Energy A, where the information comes nearer from different system sources and wishes to give a solid in- strument to follow and break down vindictive exercises continuously. Deception
  • 14. A protective strategy by the use of these technologies in cyber security systems decreases risk for each successful layer of defense and merges with a hybrid combination of defensive and offensive measures, so as to achieve the greatest degree of protection against infringements. A mixture of dragging, code and data disappointments, bait endpoints to identify and remove these conflicts from the device will fulfill this procedure. In this process, a solution to the frustration system provides all energy companies the resources required to preserve the active wall, provide firm support for the identification of threats in the network and retains high responsiveness. The Deception Platform offers an insight into errors, early detec- tions, warnings and emancipates these capacities for retaining and preserving confidential data across the energy sector. Implementation of the security principle Security Information and Event Management (SIEM) frameworks gather safety information from around the association, likewise help the faculties of security groups, react to security occurrences as well as produce security-related implementation and administrative reports. Since SIEM is a sig- nificant safety framework that approaches information from over the world, there are different instances of SIEM uses that can be utilized to per- ceive how information can be utilized in Energy A business. [2]. Consistence: We will attempt to evaluate and choose whether we can uphold a thor- ough Energy A consistence idea by managing PCI DSS, GDPR, HIPAA and SOX. Threats to insiders: We will lessen dangers from reliable sources by methods for SIEM. Presently, in Energy A we will try to uphold
  • 15. these practices to dodge these dangers. We will likewise decide if somebody endeav- ors to penetrate right of access or if a reliable host and association has been settled upon. Advanced security: They likewise look to investigate whether the rich information assortment for risk discovery, information exfiltration and IoT security can give propelled guard against dangers to se- curity. On the off chance that you take a gander at breaking down current security issues with meanings of data innovation, the huge number of 1 4/19/2020 Originality Report https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport/ultra?attemptId=c0f154 fe- 8a27-40ba-9a3a-2a2760960086&course_id=_… 4/6 clients are as yet disappointed to make sure about the vitality framework before sunlight. Specific framework: we would assume that a portion of the parts of the vitality segment basically contain these duplicity traps and others, and while executing these foundation groups are as yet thinking about basic security frameworks standards. The discoveries depend on these suppositions: Selective foundation: The entire hypothesis isn't the fit- ting method to trap, yet the guideline of disappointment should likewise comprehend that all the ideas don't go as expected. Share the outcomes and perceptions: the guideline of sharing perceptions and results through operational snare ought to be remembered for these
  • 16. trickery programs. Challenges in implementation of the mentioned security principles respectively The exploration from the association with the vision for a traditional SIEM is a long way from open in contrast with surveillance cameras. The execu- tion of SIEM is excessively perplexing. It's anything but a significant assignment to gather the fitting data, to combine this information, to regularize and relate different advancements. SIEM's exquisite. The premium for SIEM licenses is more prominent and a state of source. With the end goal for organizations to structure, plan and execute incorporation, change feeds of information and calendar importations into every single outer datum sources, they should likewise consider recruiting extravagance experts and engineers. SIEM needs greater sending time. The greater part of the as- sociations, with a feeling of profound direness, consented to join a SIEM. Even up to now, SIEM isn't an effectively open cloud gadget. Contingent upon the reasons under which about hardly any associations in the cloud follow a procedure, the data center and open cloud like Amazon's EC2/some other supplier can be successfully joined with properties [3]. The principles of deception will experience three huge strides so as to arrive at the resolutions. Good make-conviction and alluring. Should the assaulting surfaces be fixed. Must be compact, simple to peruse and run. Discus- sion A fundamental structure and tasks rule is the proposed technique to ensure the vitality division. The recommendations are that the safety result, in-
  • 17. cluding a decreased risk from botnets, is gainful if such criteria are utilized as a rule to build up the present framework parts or to develop another framework segment. The method gives all types of vitality safety attacks. It additionally controls all opponents, and even the vitality division abuse focuses. So as to upgrade correspondence and trade of data between partners, the utility matrix of things to come originates from the association of innovation, money and directed turn of events. In spite of the fact that these rising developments will invigorate maturing vitality framework, Directors and controllers are progressively stressed over the subsequent hints of cyber security. The interconnection of certain benefits through keen gadgets, just as the quantity of twofold route streams between utilities, supplier and clients is associated with most of ongoing digital security dangers looked by brilliant frameworks. Large force firms who are liable for securing billions of dollars into their own properties make some hard memories remaining in an advanced domain where urban programmers rapidly and routinely increment their own assets and advances. Distinctive danger on-screen characters make new open doors for correspondence with framework systems with the expanding digitalization of the matrix. Suppliers can maintain a strategic distance from hurt by taking great cleanliness care, for example, get to control, fixing and defends. Bigger dread is guilty parties like presumes who are compromised. Hoodlums effectively improve their ability and information, as an apparatus for bringing in cash is anything but difficult to track down. Information security and protection influence foundation, yet when
  • 18. wrongdoers approach pain free income, they have loosened up objectives. A hack that trig- gers all or part of the force matrix is the most straightforward digital peril for utilities and networks. This danger comes basically from local enter- tainers. The lattice can be determined as the biggest man-made gadget ever, the entire structure is associated and should work under certain cutoff points to stay away from the irregularity or even dodge segments of the framework. Lattice administrators must ensure that programmers can't dis- turb the framework foundation and that new innovation is securely applied to the matrix. My vision is that by the day's end the count will be se- cured by utilizing Energy A. I accept that when they are on the web or convey or utilizing associated applications, clients need a general comprehen- sion about security dangers. In ongoing conversations in regards to Facebook and different locales, and digital wrongdoing, everybody ought to know about issues of security and information abuse. To the cutting edge individual, general information about insurance and qualities are key. Keen matrix issues have little association with this and ought to be tended to at the national level. The paper offers a major preferred position with the idea driving the utilization of SIEM and deception innovations to build up the vitality area. Being careful about how projects have picked up the option to trust that enactment and changes will be upheld. It is unquestionably not what regular and preservationist industry expects but rather it can absolutely show how imagination can be moved forward [4]. As other industries, a successful cyber-attack on the energy supplier will hamper the productivity of companies. Nonetheless, it will impact
  • 19. public health and well-being as well. Conclusion From yield as far as possible of the client's activity, the whole paper takes a gander at the difficulties that the vitality segment faces. Aggressors have endeavored to imperil the redirection consistently, while the IT division has refreshed its items to battle the impact of assailants what's more. De- spite huge impedance harm and extreme harms, the courses of action for programmers to get to mother gadgets and bargain all information ought to be continually re-structured and screened. An assailant on productive assaults will imperil cyber security benchmarks, for example, deception, collection and discretion. References Mukherjee, Sourav. (2019). Implementing Cybersecurity in the Energy Sector. 10.6084/m9.figshare.9728051. Barichella, Arnault (2018). Cy- ber-security in the Energy Sector: a Comparative Analysis between Europe and the United States (INIS-FR--18-0757). France Deception Technology for the Energy Sector - Attivo Networks. (2019). Retrieved 19 August 2019, from https://attivonetworks.com/solu- tions/energy/ Rahman, Md Shihan, et al. "Multi-agent approach for enhancing security of protection schemes in cyber-physical energy systems." IEEE transactions on industrial informatics13.2 (2017): 436-447. Amoroso, E. (2013). Cyber attacks. Amsterdam: Elsevier. Bevrani, H., Mitani, Y., & Watanabe, M. (2014). Power System Monitoring and Control. Hoboken, NJ: John Wiley & Sons. [1] Amoroso, E. (2012).
  • 20. Cyber attacks: protecting national infrastructure. Elsevier. ISBN: 978- 0123918550 [2] The essential Guide to SIEM. Retrieved from https://www.exabeam.com/siemguide/siem-use-cases/ [3] Barraco, Lauren (2014). Top 5 Problems with Traditional SIEM (Infographic). Re- trieved from https://www.alienvault.com/blogs/security- essentials/top-5-problems with-traditional-siem-infographic [4] Chester, Matt (2019). Cyber Security Attacks and Forecasting Future Threats to the Utility Industry: Exclusive Interview with Anjos Nijk of ENCS. Retrieved from https://www.energycentral.com/c/iu/cyber-security-attacks-and- forecasting-future threats-utility-industry-exclusive 1 5 1 1 1 1 1 4 4 4 5 4 4/19/2020 Originality Report https://ucumberlands.blackboard.com/webapps/mdb-sa- BB5a31b16bb2c48/originalityReport/ultra?attemptId=c0f154fe- 8a27-40ba-9a3a-2a2760960086&course_id=_… 5/6 Source Matches (25)
  • 21. Student paper 94% Student paper 74% Student paper 100% Student paper 66% Student paper 72% Student paper 63% Student paper 77% Student paper 100% worldwidescience 68% Student paper 77% Student paper 62% Student paper 75% Student paper 66% 15 1 Student paper Implementing cybersecurity in the energy sector 15 Implementing Cy- bersecurity in the Energy Sector
  • 22. Original source Implementing Cybersecurity in the Energy Sector Implementing Cyber- security in the Energy Sector 2 Student paper Emerging Threats & Countermeasures Original source ITS 834 – Emerging threats and Countermeasures 1 Student paper University of the Cumberlands Original source University of the Cumberlands 1 Student paper With that being said, these have risen in the energy sector over the past few years, according to the
  • 23. study of the global state of informa- tion and security. For example, 7 391 cyber-attack instances were record- ed in 2014 and a total loss of $1.2 billion from all-out assaults. Original source According to the survey of the Global State of Information and security, the cyberattacks are increased in the energy sector in the last few years For instance, in 2014, 7,391 exam- ples of cyber assaults were account- ed for and an all-out loss of the at- tacks totaled to $1.2 billion 1 Student paper Existing study areas in the current energy sector Original source Existing study areas in the energy industry 1 Student paper A gathering of aggressors who are expertly researched, striking an as- sociation and explicit goals genuine-
  • 24. ly for a long time, on a full-time premise, are frequently adding to a focus on hacks. Original source A focused on hacks are led for the most part by a gathering of attackers who are expertly reviewed … ITS 834 Emerging Threats and Countermeasures Total points - 100 Final Research Case Analysis The paper is due on end of day Sunday April 19,2020 Topic: Implementing Cybersecurity in the Energy Sector Imagine you have been hired as a security consultant for EnergyA which is an electric utility company based in the USA. The company has several locations in the U.S and is responsible for supplying a large portion of electricity for the southeastern region in the U.S. You have been charged with overseeing the implementation of cybersecurity best
  • 25. practices for EnergyA. In this course, you examined 10 design and security principles (Deception, Separation, Diversity, Commonality, Depth, Discretion, Collection, Correlation, Awareness, Response) in the context of national and critical infrastructure protection. Identify any two security principles from the 10 we learned and evaluate and discuss how it can be applied to EnergyA. Your case analysis needs to minimally address the following sector identify its relevance in the energy sector implemented implementing it with the topic and future
  • 26. implications of cybersecurity in the energy sector Your research paper should be minimally 10 pages (double space, Font - Georgia with font size 12). The research paper needs cite at least 5 peer reviewed journal/book references. The bibliography should be included as a separate page and is not part of the 10 page requirement. Student assignments will be run through Safe Assignment. Please ensure to check the safe assignment result prior to submitting. You will have the chance to submit your assignment up to two times. So please submit earlier than the due date so you can check your safe assign score. You need to check your safe assign report to ensure there is no instance of academic integrity violations. Please refer to this link for information on the academic integrity policy at
  • 27. the university https://cumberland.smartcatalogiq.com/en/2017- 2018/2017-2018-Undergraduate- Catalog/Academic-Affairs/Academic-Integrity-Policy Please ensure to review the policy. If there are instances of academic integrity policy violations in your paper, you will not receive a grade for the assignment and will be referred to the department. The university of Cumberland library can be assessed at https://www.ucumberlands.edu/library The research paper should include the following components. content of your paper, limited to 200-350 words) -2 pages, relevance of cybersecurity in the energy sector) -4 pages, describes the research papers that you find in reference to the topic of cybersecurity in the energy sector)’ on (2-4 pages, Why you are focusing on the two
  • 28. specific security principles; For each security principle, identify its relevance in the energy sector; For each security principle, identify how the principle can be implemented; For each security principle, identify challenges presented in implementing it) -3 pages) – (Your perspectives on the topic, try to connect the security principles identified together; discuss future implications of cybersecurity in the energy sector) Conclusion (1-2 paragraphs, This provides a final summary of your research paper) The following rubric will be used to grade your assessment Evaluation Parameters Percentage Weight Did the student respond to the research topic 20 Did the student conduct sufficient literature review of the topic 20
  • 29. Did the student provide relevant examples to support viewpoints 20 Did the student meet the content requirements of the assignment and discuss the key points identified in the question 20 Did the student provide a critical perspective on the topic 10 Did the student create a professional, well-developed report with proper grammar, spelling, punctuation and APA formatting 10 Total 100% https://cumberland.smartcatalogiq.com/en/2017-2018/2017- 2018-Undergraduate-Catalog/Academic-Affairs/Academic- Integrity-Policy https://cumberland.smartcatalogiq.com/en/2017-2018/2017- 2018-Undergraduate-Catalog/Academic-Affairs/Academic- Integrity-Policy https://www.ucumberlands.edu/library Please refer to the following for APA guidelines https://owl.purdue.edu/owl/research_and_citation/apa_style/apa