Government organizations and the critical infrastructures of our country rely on cyber systems and electronic information to execute operations and to manage, process, and document vital information. Securing these systems and data is essential to our nation’s safety, prosperity, and well-being. As governor, it is my duty to ensure cybersecurity issues and threats are taken care of for all critical infrastructures, but before we can move forward we all need to understand what this means.
Critical infrastructure is the body of systems, networks and assets that are so essential that their continued operation is required to ensure the security of a given nation, its economy, and the public’s health and/or safety (WhatIs.com, 2019). Some examples of critical infrastructures include, but are not limited to, the energy sector, transport system, and water systems. Unfortunately, many computer systems and networks were not designed with security in mind. As a result, the core of our critical infrastructure is riddled with vulnerabilities that could enable an attacker to disrupt operations or cause damage to these infrastructures.
Destruction of or tampering with any of the mentioned facilities could be disastrous to the health and security of the American people; hence, cybersecurity plays a vital role in protecting these assets. There are different types of attackers and threats, each with different motives. Some of the common threats include individual hackers, politically motivated hacktivists, criminal enterprises, and unfriendly “nation state” actors. For example, individual hackers mostly engage in hacking for fun, but even without malicious intent their actions can cause grave damage to critical infrastructures. Hacktivism refers to politically motivated attacks on publicly accessible Web pages or email servers. These groups and individuals overload email servers and hack into Websites to send a political message (Office, 2004).
With all the different types of threats, we need to find ways to mitigate them. The government as a whole must manage cybersecurity risk and protect its critical infrastructures. Following three simple, yet important, best practices will allow organizations to prepare for the operational, business and industry reputation risks posed by cyberattacks on operational technology infrastructures.
* Increase Visibility – Visibility into industrial networks and their risk exposure is key to improving critical infrastructure cyber resiliency and operational reliability. Effective visibility requires real-time network monitoring and a continuously updated network asset inventory. Organizations should also consolidate visibility. Doing so can help reduce support costs, speed troubleshooting and improve staff efficiencies (Capdevielle, 2018).
* Integrate Cybersecurity with Artificial Intelligence and Machine Learning – Artificial intelligence (AI) now allows the process-oriented anomaly detection necessary to deliver the same levels of cyber protection in operational technology (OT) as in information technology (Capdevielle, 2018). The correct solutions, implementing AI that learns independently and adjusts, can help manage alerts and reduce false positives while finding new threats at the same time.