STOP-IT - Detail page

Home
FT
SP Wizard
- Risknought
Lists
- Measures
- Events
- Tools
- ST Procedures
Search
Login

Measure: MobileDeviceUsageRules

Description

Setting up of clear rules for the use of mobile devices. Thus the staff knows how to use mobile devices outside the utility in a secure way. The aim is to ensure data and cyber security also outside of the utility area.

Comments

Examples for rules could be the mandatory use of privacy films for monitors or automatic screen locks after a certain time of inactivity. Losses of IT equipment should be reported as soon as possible to the utility. Portable devices should be encrypted. Connections to the utility's network should only be allowed via Virtual Private Network (VPN) connections. A list of mobile devices should exist in the company.

Event source types

External attacker
Human fault

Event type

Manipulation

Risk reduction mechanism

Frequency/Likelihood & Consequences

Threat Types

Cyber
Cyber-Physical

Action characteristics

Proactive

Measure type

Action and Crisis Management Plans and Training

event_ measures

Event-Measure: 99146
Event-Measure: 99289
Event-Measure: 99290
Event-Measure: 99585
Event-Measure: 99621
Event-Measure: 101261
Event-Measure: 101408
Event-Measure: 102402
Event-Measure: 103069
Event-Measure: 103383
Event-Measure: 103615
Event-Measure: 103662

Event Consequences

Quantity
Quality
Financial

Asset types

Drinking Water Network
Drinking Water Tanks
Pressure Boosting Station
Water Abstraction Points
Water Treatment Plants

Events

Basic Event 227 - Fake news about contamination in WTP using manipulated water company public communication
Basic Event 153 - External attacker manipulates WTP transmission devices
Basic Event 169 - Man-in-the-Middle attack manipulates surface water system sensor signal
Basic Event 210 - Man-in-the-Middle attack manipulates WTP sensor signal
Basic Event 170 - External attacker manipulates surface water system transmission devices
Basic Event 215 - Man-in-the-Middle attack manipulates WTP control signals
Basic Event 236 - Man-in-the-Middle attack manipulates WDN tank level sensor signals
Basic Event 157 - Man-in-the-Middle attack manipulates WDN quality sensor readings
Basic Event 194 - External person manipulates transmission wires of wells
Basic Event 195 - External person manipulates data transmission system of wells
Basic Event 211 - External attacker manipulates WTP transmission devices
Basic Event 267 - Man-in-the-Middle attack manipulates WDN valve control signals

Specific Assets

Transferred Information
Transmission Devices

Measure ID

M61

Name

MobileDeviceUsageRules

Risk reduction mechanism

Frequency/Likelihood & Consequences

Action characteristics

Proactive

This project has received funding from the European Union's Horizon 2020 research and innovation programme under grant agreement No. 740610. The publication reflects only the authors' views and the European Union is not liable for any use that may be made of the information contained therein. All illustrations in the homepage are attributed to rudall30/Shutterstock.com.