**Chapter 10**

*Issues on Risk Analysis for Critical Infrastructure Protection*

[57] Luiijf E, Klaver M. Governing critical ICT: Elements that require attention. Eur J Risk Regul.

[58] De Donno M, Dragoni N,

and Mirai Investigation. Bugliesi M, editor. Secur Commun Networks [Internet]. 2018;2018:7178164. Available from: https://doi.org/10.1155/2018/7178164

2016-emergent.pdf

Giaretta A, Spognardi A. DDoS-Capable IoT Malwares: Comparative Analysis

[59] Steijn W, Luiijf E, Beek D van der. Emergent risk to workplace safety as a result of the use of robots in the work place [Internet]. Utrecht, The Netherlands; 2016. Available from: http://publications.tno.nl/ publication/34622295/QDXZqU/steijn-

[60] European Commission. Regulation

(EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Da [Internet]. Brussels, Belgium; 2016. Available from: http://eur-lex.europa.eu/legal-content/ en/TXT/?uri=CELEX%3A32016R0679

2015;6(2):263-70.

[50] ENISA. Considerations on ICT security certification in EU Survey Report [Internet]. Heraklion, Greece; 2017. Available from: https://www. enisa.europa.eu/publications/

[51] JTF. Security and privacy controls for federal information systems and organizations Rev 5. Vol. 800, NIST Special Publication. Gaithersburg, MD,

[52] ENISA. Cyber Security Information Sharing: An Overview of Regulatory and Non-regulatory Approaches [Internet]. Heraklion, Greece; 2015. Available from: https://www.enisa. europa.eu/publications/cybersecurityinformation-sharing/at\_download/

[53] Luiijf E, Kernkamp A. Sharing Cyber Security Information, Good Practice Stemming from the Dutch Public-Private-Participation Approach,

The Hague, Netherlands. 2015.

Hague, Netherlands; 2017.

[54] Klaver MHA, Vos P, Tjemkes B, Verner DR. Enhancement of Public-Private Partnerships within Critical Infrastructure Protection Programs. The

[55] DHS (Department of Homeland Security). Recommended Practice: Improving Industrial Control Systems Cybersecurity with Defense-In-Depth Strategies [Internet]. Washington, DC, USA; 2016. Available from: https:// ics-cert.us-cert.gov/sites/default/files/ recommended\_practices/NCCIC\_ICS-CERT\_Defense\_in\_Depth\_2016\_S508C.

[56] Luiijf, H., van Schie T, van Ruijven T, Huistra A. The GFCE-MERIDIAN Good Practice Guide on Critical Information Infrastructure Protection for governmental policymakers. The Hague, The Netherlands:

certification\_survey

USA; 2020.

fullReport

**188**

TNO; 2016.

pdf
