Skip to main content

Research Repository

Advanced Search

Critical infrastructure cyber-security risk management

Spyridopoulos, Theodoros; Maraslis, Konstantinos; Tryfonas, Theo; Oikonomou, George

Critical infrastructure cyber-security risk management Thumbnail


Konstantinos Maraslis

Theo Tryfonas

George Oikonomou


Maura Conway

Lee Jarvis

Orla Lehane

Stuart Macdonald

Lella Nouri


Traditional IT cyber-security risk management methods are based on the evaluation of risks calculated as the likelihood of cyber-security incidents occurring. However, these probabilities are usually estimations or guesses based on past experience and incomplete data. Incorrect estimations can lead to errors in the evaluation of risks that can ultimately affect the protection of the system. This issue is also transferred to methods used in Industrial Control Systems (ICSs), as they are mainly adaptations of such traditional approaches. Additionally, conventional methods fail to adequately address the increasing threat environment and the highly interdependent critical nature of ICSs, while proposed methods by the research community are as yet far from providing a solution. The importance of securely managing ICS infrastructures is growing, as they are systems embedded in critical national infrastructure (e.g. city traffic lights controls) and thus a potentially attractive target for organized cyber-criminals and terrorists. In this Chapter we present a novel approach that combines Stafford Beer’s Viable System Model (VSM) with Game Theory in order to develop a risk management process that addresses the above issues. The model we develop provides a holistic, cost-efficient cyber-security solution that takes into account interdependencies of critical components as well as the potential impact of different attack strategies.


Spyridopoulos, T., Maraslis, K., Tryfonas, T., & Oikonomou, G. (2017). Critical infrastructure cyber-security risk management. In M. Conway, L. Jarvis, O. Lehane, S. Macdonald, & L. Nouri (Eds.), Terrorists' Use of the Internet (59-76). IOS Press.

Publication Date Jun 1, 2017
Deposit Date Oct 20, 2017
Publicly Available Date Oct 20, 2017
Peer Reviewed Peer Reviewed
Volume 136
Pages 59-76
Series Title NATO Science for Peace and Security Series - E: Human and Societal Dynamics
Book Title Terrorists' Use of the Internet
ISBN 9781614997641
Keywords critical infrastructure, cyber-security risk management, industrial control systems, cyber-security, game theory, viable system model
Public URL
Publisher URL
Related Public URLs


You might also like

Downloadable Citations