Organizations make use of important information in day-to-day business. Protecting sensitive information is imperative and\nmust be managed. Companies in many parts of the world protect sensitive information using the international standard known\nas the information security management system (ISMS). ISO 27000 series is the international standard ISMS used to protect\nconfidentiality, integrity, and availability of sensitive information. While an ISMS based on ISO 27000 series has no particular\nflaws for general information systems, it is unfit to manage sensitive information for industrial control systems (ICSs) because\nthe first priority of industrial control is safety of the system. Therefore, a new information security management system based on\nconfidentiality, integrity, and availability as well as safety is required for ICSs. This new ISMS must be mutually exclusive of an ICS.\nThis paper provides a new paradigm of ISMS for ICSs, which will be shown to be more suitable than the existing ISMS.
Loading....