We know adversaries have the expertise and tools necessary to take down critical infrastructure and systems, crippling entire regions. These critical systems are essential to our global economy, physical security, and health. We rely on them to provide electricity in our homes, transportation to work and play, a secure place for our life savings, and communication systems to stay in touch with the people we love. With such heavy reliance, we must ask ourselves: are we doing enough to protect our global critical infrastructure? Some good progress has been made through the maturing of industry standards and the deployment of commercial off-the-shelf security technologies. But for critical infrastructure to be ready to take on the cyber risks of today (and tomorrow), a holistic strategy is required.
It will require that security is put above everything, embedded everywhere and integrated throughout the operations of every critical infrastructure provider – across its people, processes and technology.
Start with a Resilient Network
Critical infrastructure providers no longer see technology as an extension of the services they provide but rather as the core – and because they are enabled by technology, they will need to embed security everywhere. As with any cybersecurity strategy, critical infrastructure providers need to take a risk-based approach to understand where they are most vulnerable and how to address those risks. In nearly every risk-based assessment I’ve seen, the ability to have visibility and control from the network is THE critical risk control point. The network connects the data, programs, applications, web networks, software and hardware within a critical infrastructure provider’s environment so it can deliver goods and services to end customers. It’s impossible to digitize critical infrastructure securely if you don’t trust your network. Any network, including devices like routers, switches, or access points, as well as your cloud infrastructure, can be vulnerable. Addressing this risk requires embedding security technology, processes and policies so that the authenticity and integrity of each device, and of any hardware and software running on it, can be verified.
Integrate Security throughout Your Operations
It is clear that no single vendor provides every technology to prevent, detect or respond to the threats of today. It is crucial that security operations add capabilities that increase their ability to respond to security incidents as an essential part of any cybersecurity strategy. However, this strategy of adding bespoke tools to address point problems can quickly break down without an integrated architecture. We know the pain because at Cisco we lived through it (scroll down to hear our CISO Steve Martino tell the story). The digital age requires machine speed. To get to machine speed you must have visibility and control. Gaining visibility and control takes an integrated architecture of solutions that work together, communicate, and automate actions so that addressing incidents becomes faster (machine speed) and less complex (not reliant on multiple human actions). The digital world moves fast. With critical infrastructure providing services essential to our daily way of life, the speed at which cyber incidents can be detected and thwarted in these environments is vital.
It’s a Multi-Party Responsibility
Securing critical infrastructure on a global scale will require more than just individual organizations; it is a multi-party responsibility that includes both the public and private sectors. There is much to be gained through innovative partnerships that share best practices, collaborate on threat intelligence, teach how to build and deploy secure solutions, and bolster education and training. At Cisco, we’ve gone through a digital transformation as a global enterprise with over 70,000 employees. We operate 176,000 networks around the world and block close to 20 billion internet threats a day. We’ve learned some things along the way about what it takes to protect a global digital enterprise. We see it as our responsibility to partner and share best practices in constructive ways, whether it is joining industry initiatives like the Charter of Trust or actively working to combat cyber-crime in partnership with global law enforcement organizations like Interpol.
A cyber-attack on critical infrastructure, and the technology that keeps it running, has the potential for wide-ranging effects. This is why, when it comes to something so valuable to our global society, cybersecurity must be a top priority. When done properly – security above everything, embedded everywhere and integrated throughout the operations of every provider – our global critical infrastructure will be ready for the risks of tomorrow and the providers will be able to grow and innovate armed with the power of digital capabilities.
For critical infrastructure providers and enterprises alike, October is Cybersecurity Awareness Month in many countries around the world. Be sure to join the dialog! In addition, the Cisco Trust Center offers new resources to help you with security, trust, data protection, and privacy all year round.
Hi, Anthony. Yes, Critical Infrastructure Security is sometimes the least looked at by companies and governments. We have a speaker at our CS 7 Convention speaking about it as well. Love to hear what exactly Cisco is offering. Visit http://www.cs7conv.com for more info.
Hi, Anthony. I want to amplify your statement, "In nearly every risk-based assessment I’ve seen, the ability to have visibility and control from the network is THE critical risk control point."
And we at Nozomi Networks are pleased to be working with Cisco Systems to enable the asset visibility, vulnerability analytics, process anomaly and threat detection and forensic threat intelligence for critical infrastructure and ICS cyber resilience strategy: https://www.nozominetworks.com/2018/09/19/blog/integration-with-cisco-technologies-delivers-it-ics-security/.