After covering cybersecurity from both a personal and business perspective, this final post for National Cyber Security Awareness Month (NCSAM) expands to security in our nation’s critical infrastructure theme – “Protecting Critical Infrastructure from Cyber Threats”.
The link between infrastructure and cybersecurity
Critical infrastructure includes the many essential systems that sustain our economy and way of life, such as electricity, railways, roadway traffic control, communication, sewage and water systems, and financial institutions. All of these essential systems have become more reliant on networked technology over the last several years, making them a target to cyber threats.
Building cyber resilience will help keep our critical infrastructure safe
Our critical infrastructure underpins our way of life, and securing these systems and technologies is essential for the nation. Here are some suggestions to help keep the systems we depend on more secure.
- Start by protecting your company. The private sector owns the vast majority of the nation’s critical infrastructure and resources.* As such, one of the first steps in protecting critical infrastructure is to protect your organization’s infrastructure. Start by developing a comprehensive and coordinated business continuity plan at your company. Consider aspects such as your electricity supply, communications links, water supply and waste disposal, as well as your physical supply, storage and distribution for fuel, raw materials and products.nce you have business continuity plan in place, you should continually monitor, and improve analysis and warning capabilities for both cyber and physical threats.
- Secure your supply chain. Make sure hardware and key infrastructure components are secured and protected. While software vulnerabilities can cause substantial loss, they can also be fixed relatively easily when identified by updating the latest patches, firmware, or product upgrades. Hardware updates for improved security can be a more cumbersome process and often the only answer is to replace each piece of offending hardware. It’s also recommended that you implement supply chain protection measures around your products and services to help protect against both cyber and physical attacks that could comprise the integrity of the hardware and software components that may become part of the critical infrastructure. Partnering with the right product manufacturers and integrators, those with a communicated focus on cyber security, will enable critical control systems to continue to operate.
- Build public-private partnerships. By working together, private enterprises and public organizations can effectively confront security problems that jeopardize infrastructure. Information exchanges and cooperation can allow both sides to address awareness, vulnerability remediation, and recovery operations.
As National Cyber Security Awareness Month concludes, we encourage you to look back at the tips and strategies we’ve covered over the past month. Share them with colleagues and friends, and start implementing them.
We also encourage you to stay up-to-date by registering on the Cyber Protection Program website for product advisories and resources on topics related to your cybersecurity.
*The Department of Homeland Security (DHS), Critical Infrastructure Sector Partnerships https://www.dhs.gov/critical-infrastructure-sector-partnerships July 11, 2017.