[SystemSafety] A Paper on Assigning Cybersecurity Responsibility

Peter Bernard Ladkin ladkin at causalis.com
Wed May 11 10:28:57 CEST 2022


Martyn Thomas and I wrote a paper on the details of assigning cybersecurity responsibility 
conformant with NIS 2018. NIS 2018 is the UK implementation of the EU NIS Directive, which 
establishes national organisations responsible for coordinating cybersecurity information and 
requirements for critical infrastructure (critinf). It requires, for example, establishment of 
CERT-like bodies called CSIRTs for each critical industry, as well as designated contact points for 
international coordination activities.

The paper deals with issues such as the following. Suppose you, as a stakeholder or third party, 
identify a cybersecurity vulnerability in critinf kit. What do you do? Whom shall you notify? What 
happens then?

Details are obviously important for successful implementation. This paper is our suggestion. 
https://journals.sas.ac.uk/deeslr/article/view/5427

PBL

Prof. i.R. Dr. Peter Bernard Ladkin, Bielefeld, Germany
Tel+msg +49 (0)521 880 7319  www.rvs-bi.de




-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://lists.techfak.uni-bielefeld.de/pipermail/systemsafety/attachments/20220511/7a862d85/attachment.sig>


More information about the systemsafety mailing list