Experience From the Financial Sector with Consumer Data and ICT Security

Part of the book series: Topics in Safety, Risk, Reliability and Quality (TSRQ, volume 15)

Abstract

This chapter describes some standards, norms and best practices related to ICT security used within the financial services industry in the Netherlands. Although some of the best practices are sector-specific, such as ATM security measures, we assume that most of the ICT security challenges for banks are similar to the challenges of the energy sector. Therefore, we hope that this paper will bring up new ideas for those who are responsible for ICT security in the energy sector. Information security and business continuity measures together belong to the area of operational risk management in a banking environment. Operational risk management is highlighted in Section 9.2. Operational risk management within a bank can best be described as a structured approach to respond to a number of threats according to the principles of Basel II. One of the key elements is the capital calculation for operational risks. Section 9.3 explains a simplified model for the analysis of operational risks and the classification of data into three quality aspects: availability, integrity and confidentiality. In Section 9.4, state-of-the-art attacks on Internet banking systems, such as man-in-the-browser attacks, are discussed as an example of the external fraud banks face today. The next section explains the industry's co-operative responses to those attacks. Finally, in Section 9.6 a parallel is drawn with the energy sector, with some conclusions and policy and research recommendations.

Notes

  1. http://www.3xkloppen.nl

  2. ‘Phishing’ is a collective noun for internet related identity theft incidents.

  3. http://www.samentegencybercrime.nl (in Dutch)

  4. Such as floods, lightning storms, etc.

Abbreviations

AMA: Advanced Measurement Approach

AIVD: Algemene Inlichtingen- en Veiligheidsdienst

CRM: Customer Relations Management (system)

CDW: Customer Data Warehouse

EMV: Europay Mastercard Visa

KLPD: Korps Landelijke Politiediensten

SCADA: Supervisory Control and Data Acquisition

SEPA: Single European Payments Area

SMS: Short Message System

Corresponding author

Correspondence to Wim Hafkamp.

Copyright information

© 2010 Springer Science+Business Media B.V.

About this chapter

Cite this chapter

Hafkamp, W., Steenvoorden, R. (2010). Experience From the Financial Sector with Consumer Data and ICT Security. In: Lukszo, Z., Deconinck, G., Weijnen, M. (eds) Securing Electricity Supply in the Cyber Age. Topics in Safety, Risk, Reliability and Quality, vol 15. Springer, Dordrecht. https://doi.org/10.1007/978-90-481-3594-3_9

  • DOI: https://doi.org/10.1007/978-90-481-3594-3_9

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-90-481-3593-6

  • Online ISBN: 978-90-481-3594-3

  • eBook Packages: Engineering, Engineering (R0)
