Abstract
This paper is asking who cares about information security-but may perhaps be better stated as who should care. It is likely that there is no simple answer to this question-and that responsibility for information security needs to be taken by several parties within the utility. The initial sections of this paper took at some of the different forms of attack an intruder may use to steal information from the utility, to cause utility services to mal-function, or to deny the utility access to its own information. The paper also considers the question Where do these attacks originate? Finally the paper considers a process model that can be used to help the utility with understanding the security problem it may have-the process of producing a protection profile. This process has evolved from the work of the ISO/IEC Joint Technical Committee JTCI (Information Technology) which has produced The Common Criteria for Information Technology Security Evaluation. The analysis represented by these protection profiles may assist the utility to answer the question who should be caring about information This paper concludes that everyone should care about information security.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
