Cyber Security for Critical National Infrastructure: Best Practices
June 21, 2023, 7 min read
Since the pandemic started, the concept of critical infrastructure has evolved. As we’ve seen, risks to critical infrastructure include more than just those to the nation’s water and power systems. Increased attacks on food and material supply systems, oil pipelines, and healthcare institutions, to name a few, have had visible effects.
According to the Cyber Security & Infrastructure Security Agency (CISA) in the United States, there are 16 critical infrastructure sectors whose assets, systems, and networks (natural or virtual) are essential to national security, public health, and public safety. Healthcare, food, transportation, information technology, financial institutions, and much more fall under this category.
This broader definition of critical infrastructure necessitates a similarly broader and more holistic approach to deploying and managing cyber resilience and cyber security technologies. Utilizing cloud computing, edge computing, the open internet, and other technologies, today’s supply chains are more digital and varied. This increases the number of potential entry points for attackers and the points at which natural disasters, cyberattacks, or other causes of outages could compromise vital infrastructure.
When protecting their vital infrastructure from cyber threats, all businesses today should adopt a holistic strategy, not just those in the 16 industries prioritized by CISA. This requires a dedication to risk mitigation, proactivity, and preparedness for any threat or crisis that may arise.
Identifying and Prioritizing Critical Assets
Various networks and complicated software and hardware requirements are involved because critical infrastructure spans thousands of miles and includes many remote installations. As a result of their size and complexity, these systems are rife with vulnerabilities.
Figure out Your Vantage Point
The first step in mitigating the risks associated with your organization’s assets is to thoroughly understand those assets. Who owns each item, where it is kept, and what it is used for should all be recorded. Using this method, you can pinpoint vulnerable areas in your infrastructure and prioritize repairs. Include those of any third-party vendors (such as SaaS or cloud-hosted application providers) on which your business relies for essential daily operations. Reference architectures for all the systems you rely on should ideally be included in your inventory.
Keep a Detailed Inventory at all Times
Companies with extensive real-world and online holdings may benefit from implementing an IT asset management solution. Changes in the environment, such as firm mergers and acquisitions, may necessitate adjusting your strategy.
Focus on What Matters
When deciding what matters most for the company, the board should do so from a broad perspective. For instance, the board may be aware of a crucial partner whose data, if compromised, might have a devastating effect. The technical teams in your company need to know this so that they can put more emphasis on safeguarding the most precious assets (the “crown jewels”). They may be priceless because you can’t do your job without them or because losing them would hurt your reputation or bank account.
Join Forces with Other Groups
It is not up to your technical staff to determine which assets are mission-critical. The business and IT departments must work closely together on this, and both must have a solid grasp of the assets at hand and the company’s larger goals. Your business continuity plan and strategy for remediating old systems should link back to your baseline and your understanding of essential assets. It will require the input of operational technology groups at companies with cyber-physical estates. It shouldn’t be limited to “the assets under your IT department’s control” but should instead include all of your company and its suppliers.
Taking Action to Protect Critical National Infrastructure from Cyber Threats
Here are four guidelines to help you strengthen your cyber security and avoid potential dangers.
Encourage a mindset of security first.
Your company is ultimately safe because of the people that work there.
If even one of your workers falls for a phishing or zero-day assault, downloads a malicious file, gives out their credentials by accident, or doesn’t patch or update their devices, your entire network is at risk.
Your system is vulnerable to brute force assaults and password spraying because it relies on the security of its weakest password.
Failure to follow procedures or human mistakes account for most security lapses. Only 55% of electric utility professionals have timely and systematic patching of their systems, according to the 2021 State of the Electric Utility (SEU) Survey Report from Utility Dive.
Cyber security is not just the responsibility of your IT departments. Everyone has to be briefed on cybercrime trends, updated on common attacks and vulnerabilities, and encouraged to upgrade and safeguard their devices.
Bricata, a cyber security firm, suggests that companies’ marketing departments work with specialists in the field to foster a security culture.
Utilities must also promote openness by reporting assaults to the government, building and implementing effective incident response strategies, and sharing best practices across their network.
Cyber “war games” are a great way to put your protocols to the test.
Apply a Strict Zero Trust Policy
Forget about giving everything in your network the benefit of the doubt; instead, use the “castle and moat” security paradigm. Sure, you can snuff out those times now. It’s unsafe to assume something is secure because it’s already within your network.
You must have a strict no-trust policy.
Consider everyone inside and outside your network to be malicious. Access to any network resources should be subject to stringent, continuous identity verification, with access granted only to those who require it to do their jobs.
You can keep your most precious assets safe against theft, data breaches, and unsecured hardware and software by maintaining stringent access controls and implementing the principle of least privilege.
Get Back to Basics
Many security failures aren’t the result of clever hacking but of unlocked doors.
This means that even the most straightforward precautions can significantly reduce the likelihood of an assault.
Change the factory-set passwords on all of your gadgets and set up a rotation of new ones. Employees should be required to use complex passwords. Maintain strict use of MFA (multi-factor authentication). Protect your data both while it is stored and while it is in transit by encrypting it. Make sure you’re always running the most recent software and firmware.
Regularly teach your staff the best cyber security practices and protocols. Keep them updated on the latest cyber threats and vulnerabilities. More training will make you more ready for anything.
Reduce Contagiousness by Using Separated Parts and Air Gaps for Backups
Having safeguards in place to prevent ransomware from spreading and attackers from gaining a foothold is essential in the event of an attack. Air-gapped backups and network segmentation are two methods you can use to achieve this.
The former prevents ransomware from spreading from one part of your network to another and isolates particular workloads to safeguard east-west traffic within a data center.
Ensure Complete and Comprehensive Physical Safety
The vital infrastructure does not permanently reside in a safe data center. Additionally, critical infrastructure can be accessed via the network from field offices and other outlying locations. (Also see: Increasing cyber security for Effective Networks.)
The same physical safeguards and rules employed by a secure and hardened data center should be in place in these areas.
Badging and biometrics can restrict and monitor people’s physical access to buildings. Visitors should be logged in and issued temporary badges (or perhaps physically escorted) to limit access. Keep a watchful eye on 24/7 surveillance cameras, front desk and security guards, secure hardware, and educate your staff.
Conclusion
You must first know where your most valuable possessions are kept to protect your business better. Prioritizing cyber security and consulting with professionals can help make sure your data and information are safe.
The past year has illuminated the precarious position of modern businesses in the face of cyberattacks. This means you must always be on the lookout and ready.
Determine where your cyber security measures fall short and fill those gaps with these recommended practices. By doing so, you can prepare for such attacks and lessen their impact.
FAQs
How can we prioritize and apply these safety measures effectively to boost cybersecurity?
Organizations can enhance their cybersecurity posture by implementing a systematic approach to prioritize safety measures based on risk assessment and organizational needs.
How do AI and ML enhance cybersecurity, and how can we use them alongside these safety measures?
AI and ML technologies augment cybersecurity by enabling advanced threat detection, pattern recognition, and anomaly detection. Integrating these technologies with existing safety measures can significantly improve threat detection and response capabilities.
What factors should we consider when choosing cybersecurity solutions and service providers?
When selecting cybersecurity solutions and service providers, factors such as reliability, scalability, compliance with industry standards, cost-effectiveness, and compatibility with existing infrastructure should be carefully considered to ensure optimal protection against cyber threats.
How can we stay updated on cyber threats and trends to adjust our safety measures?
Regularly monitoring industry reports, threat intelligence feeds, and security blogs and participating in cybersecurity forums and communities can help organizations stay informed about emerging cyber threats and trends. This information can then be used to adapt and strengthen existing safety measures.