November 1st officially kicked off the Cybersecurity and Infrastructure Security Agency’s (CISA) Infrastructure Security Month, and this year’s theme is “Infrastructure Security is National Security: Drive Down Risk, Build Resilience.” Since the energy sector is an essential part of critical infrastructure, we continue our examination of the latest cybersecurity moves impacting it.
CISA Enlists Help to Create Cybersecurity Goals
As we grow our awareness of the threat landscape building up around infrastructure, including adversaries far and wide, the CISA is looking to expand resources available to protect facilities such as energy systems. Throughout November, “CISA will be bringing the world of infrastructure security and resilience to life with interviews and blogs featuring CISA staff and external industry partners, as well as other activities,” the agency explained on its website.
To start, they have published a 15-page checklist of CISA performance goals. The checklist covers account security, device security, data security, vulnerability management, response and recovery, and finally network segmentation. The checklist is meant to guide cybersecurity teams through an assessment of their current and future state in these areas.
But it’s not stopping there. It also recently served as a platform for the Department of Homeland Security to release cybersecurity performance goals for critical infrastructure. According to Information Week, the FBI’s Internet Crime Complaint Center (IC3) reported 649 complaints of critical infrastructure ransomware attacks in 2021, and it predicts this number will rise. In order to minimize such risk, the organizations teamed up with hundreds of both public and private organizations to form the goals, which include device and data security, governance and training, and supply chain among others. To maintain the relevance of these goals, they will reportedly be updated every 6-12 months.
Ukraine’s Deputy Cyber Leader Emphasizes the Importance of Partnership
One of the main themes to come out of such efforts is the outreach to partners. Having multiple perspectives included makes for more comprehensive strategies when it comes to protecting critical infrastructure such as the energy sector. This was a point that Victor Zhora, Ukraine’s deputy cyber leader, emphasized during a recent speaking engagement. He shared his appreciation for the global cybersecurity community, made up of governments and private organizations, that have come together to help the country during this time of great need through the programs like intelligence assistance and resource sharing, such as cloud and hardware cybersecurity. As he put it, “Exchanging information about threats can be the most efficient way to build a robust cybersecurity ecosystem, which can counter these threats that Ukraine is currently facing and that can reappear in future.”
In Summary
The cybersecurity performance goals are designed to create a baseline of best practices for both IT and OT teams within the critical infrastructure space. No matter where you are on the cybersecurity journey, you will find that your operational network plays a key role in managing risk. From securing your devices to the way your network topology is designed, it’s important to consider a defense-in-depth strategy using micro-segmentation to isolate and reduce your attack surface. Our advice: find the right partners. Expertise, training, implementation, and management will continue to evolve, and teaming up with trusted companies will serve you well in the long run.
Sources:
- SECURITY IS NATIONAL SECURITY” – Cybersecurity & Infrastructure Security Agency
https://www.cisa.gov/news/2022/11/01/cisa-applauds-beginning-infrastructure-security-month-declaring-infrastructure - “New CISA Goals Tackle Critical Infrastructure Cybersecurity” – Carrie Pallardy, Information Week
https://www.informationweek.com/security-and-risk-strategy/new-cisa-goals-tackle-critical-infrastructure-cybersecurity - “Ukraine Deputy Cyber Leader on Lessons From Russia-Ukraine Cyberwar” – George V. Hulme, Security Boulevard
https://securityboulevard.com/2022/11/ukraine-deputy-cyber-leader-on-lessons-from-russia-ukraine-cyberwar/