Cyber Security for Critical National Infrastructure: Best Practices

Since the start of the pandemic, the concept of critical infrastructure has evolved. As we’ve seen, risks to critical infrastructure include more than just those to the nation’s water and power systems. Increased attacks on food and material supply systems, oil pipelines, and healthcare institutions, to name a few, have had visible effects.

According to the cyber security & Infrastructure Security Agency (CISA) in the United States, there are 16 critical infrastructure sectors whose assets, systems, and networks (whether natural or virtual) are essential to national security, public health, and public safety. Healthcare, food, transportation, information technology, financial institutions, and much more fall under this category.

This broader definition of critical infrastructure necessitates a similarly broader and more holistic approach to the deployment and management of cyber resilience and cyber security technologies. Utilizing cloud computing, edge computing, the open internet, and other technologies, today’s supply chains are more digital and varied than ever before. This increases the number of potential entry points for attackers and the number of points at which vital infrastructure could be compromised by natural disasters, cyberattacks, or other causes of outages.

When it comes to protecting their vital infrastructure from cyber threats, all businesses today, not just those in the 16 industries prioritized by CISA, should adopt a holistic strategy. This requires a dedication to risk mitigation, proactivity, and preparedness for any type of threat or crisis that may arise.

Identifying and Prioritizing Critical Assets

There are various networks involved, as well as complicated software and hardware requirements because critical infrastructure spans thousands of miles and includes many remote installations. As a result of their size and complexity, these systems are rife with vulnerabilities.

Figure out Your Vantage Point

The first step in mitigating the risks associated with your organization’s assets is to gain a thorough understanding of those assets. Who owns each item, where it is kept, and what it is used for should all be recorded. Using this method, you can pinpoint vulnerable areas in your infrastructure and prioritize repairs. Include those of any third-party vendors (such as SaaS or cloud-hosted application providers) on which your business relies for essential daily operations. Reference architectures for all the systems you rely on should ideally be included in your inventory.

Keep a Detailed Inventory at all Times

Companies with extensive real-world and online holdings may benefit from implementing an IT asset management solution. Changes in the environment, such as firm mergers and acquisitions, may necessitate adjusting your strategy.

Focus on What Matters

When deciding what matters most for the company, the board should do so from a broad perspective. For instance, the board may be aware of a crucial partner whose data, if compromised, might have a devastating effect. The technical teams in your company need to know this so that they can put more emphasis on safeguarding the most precious assets (the “crown jewels”). They may be priceless because you can’t do your job without them, or because losing them would hurt your reputation or bank account.

Join Forces with Other Groups

It is not up to your technical staff to figure out which assets are mission-critical. The business and IT departments must work closely together on this, and both must have a solid grasp of the assets at hand and the company’s larger goals. Your business continuity plan and your strategy for remediating old systems should both link back to your baseline and your understanding of essential assets. It will require the input of operational technology groups at companies with cyber-physical estates. It shouldn’t be limited to “the assets under your IT department’s control,” but should instead include all of your company and its suppliers.

Taking Action to Protect Critical National Infrastructure from Cyber Threats

Here are four guidelines to help you strengthen your cyber security and avoid any potential dangers.

Encourage a mindset of security first.
Your company is ultimately safe because of the people that work there.

If even one of your workers falls for a phishing or zero-day assault and downloads a malicious file, gives out their credentials by accident, or doesn’t patch or update their devices, your entire network is at risk.

Your system is vulnerable to brute force assaults and password spraying because it relies on the security of its weakest password.

Failure to follow procedures or human mistake account for the vast majority of security lapses. Only 55% of electric utility professionals have timely and systematic patching of their systems, according to the 2021 State of the Electric Utility (SEU) Survey Report from Utility Dive.

Cyber security is not just the responsibility of your IT departments. Everyone has to be briefed on cybercrime trends, updated on common attacks and vulnerabilities and encouraged to upgrade and safeguard their devices.

Bricata, a cyber security firm, suggests that companies’ marketing departments work together with specialists in the field to foster a culture of security.

Utilities must also promote openness by reporting assaults to the government, as well as build and implement effective incident response strategies, and sharing best practices across their network.

Cyber “war games” are a great way to put your protocols to the test.

Apply a Strict Zero Trust Policy

Forget about giving everything in your network the benefit of the doubt; instead, use the “castle and moat” security paradigm. Sure, you can snuff out those times now. It’s not safe to assume something is secure just because it’s already within your network.

You must have a strict no-trust policy.

Consider everyone inside and outside your network to be malicious. Access to any network resources should be subject to stringent, continuous identity verification, with access granted only to those who require it to do their jobs.

You can keep your most precious assets safe against theft, data breaches, and unsecured hardware and software by maintaining stringent access controls and implementing the principle of least privilege.

Get Back to Basics

Many security failures aren’t the result of clever hacking but of unlocked doors.

What this means is that even the simplest precautions can greatly reduce the likelihood of an assault.

Change the factory-set passwords on all of your gadgets and set up a rotation of new ones. Employees should be required to use complex passwords. Maintain strict use of MFA (multi-factor authentication). Protect your data both while it is stored and while it is in transit by encrypting it. Make sure you’re always running the most recent software and firmware.

Regularly teach your staff the best cyber security practices and protocols. Keep them updated on the latest cyber threats and vulnerabilities. More training will make you more ready for anything.

Reduce Contagiousness by Using Separated Parts and Air Gaps for Backups

Having safeguards in place to prevent ransomware from spreading and attackers from gaining a foothold is essential in the event of an attack. Air-gapped backups and network segmentation are two methods you can use to achieve this.

The former prevents ransomware from spreading from one part of your network to another and isolates particular workloads within your network to safeguard east-west traffic within a data center.

Ensure Complete and Comprehensive Physical Safety

The important infrastructure does not always reside in a safe data center. Additionally, critical infrastructure can be accessed via the network from field offices and other outlying locations. (Also see: Increasing cyber security for Effective Networks.)

The same physical safeguards and rules employed by a secure and hardened data center should be in place in these areas.

Badging and biometrics can be used to restrict and monitor people’s physical access to buildings. Visitors should be logged in and issued temporary badges (or perhaps physically escorted) to limit their access. Keep a watchful eye on 24/7 surveillance cameras, front desk and security guards, secure hardware, and educate your staff.

Conclusion

To better protect your business, you must first know where your most valuable possessions are kept. Prioritizing cyber security and consulting with professionals can help make sure your data and information are safe.

The past year has illuminated the precarious position of modern businesses in the face of cyberattacks. This means you need to be on the lookout and ready at all times.

Determine where your cyber security measures fall short and fill those gaps with these recommended practices. By doing so, you can prepare for such attacks and lessen their impact.