Abstract
The increased financial value of power grids and the multitude of potential attackers, including those with advanced capabilities, make the enhancement of cybersecurity in power grids very important. To strengthen the cybersecurity posture of power grids, it is necessary to foster the development of cybersecurity skills and knowledge among the personnel working in them. To this end, this work proposes a systematic process that leverages cybersecurity best practices to define training content for personnel employed in power grids. To illustrate the workings of the proposed approach, best practices against phishing, spoofing, denial of service, and unauthorized activities are presented.
Acknowledgements
This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 101021936 (ELECTRON).
Copyright information
© 2025 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Kavallieratos, G. et al. (2025). Best-Practices-Based Training for Improving Cybersecurity in Power Grids. In: Garcia-Alfaro, J., et al. Computer Security. ESORICS 2024 International Workshops. ESORICS 2024. Lecture Notes in Computer Science, vol 15264. Springer, Cham. https://doi.org/10.1007/978-3-031-82362-6_21
DOI: https://doi.org/10.1007/978-3-031-82362-6_21
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-82361-9
Online ISBN: 978-3-031-82362-6
eBook Packages: Computer Science, Computer Science (R0), Springer Nature Proceedings Computer Science
