Abstract
The rate of cyberattacks is increasing due to the ever-growing need to improve technologies in different sectors. Most industries are becoming more digital due to the business advantages that come with digitalised systems, such as improved communication, virtual monitoring, flexibility and improved data sharing. However, it is important to highlight that security risks also increase. The protection of critical infrastructure from cyberattacks is therefore becoming a concern and a priority.
The water sector is one of the critical infrastructures that needs to be protected against cyberattacks. Failure to protect the water sector can negatively impact the country’s economy, as well as health of humans, plants and animals. Other critical sectors such as the health sector and food industry depend a great deal on the water sector to function effectively. Therefore, there is a need to prevent cyberattacks in the water sector. Cybersecurity information sharing is one of the important cybersecurity strategies to fight cyberattacks. The aim of this study was to derive guidelines on cybersecurity information sharing in the water sector.
A systematic literature review methodology was followed to select relevant studies for the research. Five academic databases were explored, using defined search terms, exclusion criteria and inclusion criteria to screen for relevant studies. From the selected studies data was extracted and analysed. Information-sharing guidelines were extracted from the different studies, and it was established that effective information sharing depends a great deal on collaboration. It was also observed that establishing trust between sharing parties plays an important role in effective collaboration. Information sharing is not a one-man show; it requires public-private partnership. This study shows that it is important for all stakeholders involved in sharing to participate in every aspect.
The importance of legal regulations was highlighted. In all the guidelines derived, agreement should be reached by all stakeholders involved in information sharing. The guidelines also highlight the importance of privacy and confidentiality when sharing information. The guidelines focus on standards and specifications to be followed when developing information-sharing platforms, but only a few studies discuss these aspects. The tools required for information sharing are also discussed. Further studies can be done to explore more information on polices and standards, since few authors have dealt with these aspects.