Cyber resilience for critical infrastructure : A systematic review

Sammanfattning: Critical infrastructure is a term to define the network of crucial assets for the functioning of a society and modern economies. The complexity of critical infrastructures and the ability to connect smart devices to these networks make them more vulnerable to cyberattacks. One of the cutting events pointing out gaps and importance of the cyber resilience in the nation's infrastructure systems, including Industrial Control Systems (ICS), was the discovery of Stuxnet in 2010, a malicious computer worm attacking Iranian nuclear facilities. The vulnerability of cyber systems was further revealed by a cyberattack on the SCADA system in Ukraine in 2015. This paper uses both a systematic literature strategy base on the Preferred Reporting Items for Systematic reviews and Meta-Analyses (PRISMA) statement and co-occurrence analysis by VOSviewer, a tool for visualization of similarities, to explore the specific research domains of cyber resilience for critical infrastructures and to understand the current trend of development and future research orientation. Despite the literature's emphasis on essential industries, the results show that, of all exposure parameters, the organization's sector is most consistently connected with the emergence of cyber resilience traits. The sector is also important in terms of the kind of attack and its effect on data. The attacked entities in the sample have a low level of cyber resilience, as evidenced by the surprisingly low intensity of devoted Cyber Security (CS) operational setting, use of CS structures, the resilience of Prevention, Detection, and Recovery controls (PDR), and organizations' reactions to their stakeholders following cyber attacks. The studied countries do not consistently adopt cyber resilience features. The prevalence of resilience traits, on the other hand, seems to have a beneficial influence on the frequency of litigation and sanctions. Furthermore, improved protection, detection, and recovery measures increase the frequency of responsibilities and expectations to stakeholders following cyber assaults.