Shukla, M;
Johnson, SD;
Jones, P;
(2019)
Does the NIS implementation strategy effectively address cyber security risks in the UK?
In:
Proceedings of the 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security).
IEEE: Oxford, UK.
Preview |
Text
Cyber_Science_2019_paper_34.pdf - Published Version Download (1MB) | Preview |
Abstract
This research explored how cyber security risks are managed across UK Critical National Infrastructure (CNI) sectors following implementation of the 2018 Networks and Information Security (NIS) legislation. Being in its infancy, there has been limited study into the effectiveness of this national framework for cyber risk management. The analysis of data gathered through interviews with key stakeholders against the NIS objectives indicated a collaborative implementation approach to improve cyber-risk management capabilities in CNI sectors. However, more work is required to bridge the gaps in the NIS framework to ensure holistic security across cyber spaces as well as non-cyber elements: cyber-physical security, cross-sector CNI service security measures, outcome-based regulatory assessments and risks due to connected smart technology implementations alongside legacy systems. This paper proposes ten key recommendations to counter the danger of not meeting the NIS key strategic objectives. In particular, it recommends that the approach to NIS implementation needs further alignment with its objectives, such as bringing a step-change in the cyber-security risk management capabilities of the CNI sectors.
Type: | Proceedings paper |
---|---|
Title: | Does the NIS implementation strategy effectively address cyber security risks in the UK? |
Event: | 2019 International Conference on Cyber Security and Protection of Digital Services (Cyber Security) |
Open access status: | An open access version is available from UCL Discovery |
DOI: | 10.1109/CyberSecPODS.2019.8884963 |
Publisher version: | https://doi.org/10.1109/CyberSecPODS.2019.8884963 |
Language: | English |
Additional information: | This version is the author accepted manuscript. For information on re-use, please refer to the publisher’s terms and conditions. |
UCL classification: | UCL UCL > Provost and Vice Provost Offices > UCL BEAMS UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Civil, Environ and Geomatic Eng UCL > Provost and Vice Provost Offices > UCL BEAMS > Faculty of Engineering Science > Dept of Security and Crime Science |
URI: | https://discovery.ucl.ac.uk/id/eprint/10092141 |
Archive Staff Only
View Item |