Page 28 - Cyber Defense eMagazine January 2024

Keeping Critical Infrastructure Secure

While it is unlikely that IT and OT environments can ever be secured 100%, risk reduction strategies can be put in place to prevent cyberattacks from succeeding. Organizations should understand and prioritize the most critical operational functions that, if disrupted by a direct cyberattack or the loss of a key third-party service, would have a significant impact on the ability to operate. For instance, if a single facility accounts for 90% of a company’s revenue or a single substation services a key national security site in a remote location, these assets are likely top priorities to keep operational and reduce downtime. Once these critical functions are identified, the organization can map the IT and OT network pathways that support these systems and implement security or engineering controls to reduce risks of downtime or failure.

Identifying and mitigating known vulnerabilities are also critical steps in the risk reduction process. Organizations can make significant gains by simply closing gaps that are widely known to exist. Installing cybersecurity sensors for 24/7 monitoring can also lead to faster mitigation action to limit damage from a cyberattack. Cyberattacks can occur at any time, and having a dedicated team available on call to identify and respond to an incident can limit downtime and the potential for the event to become a more widespread issue.

Closing vulnerabilities and implementing network monitoring are effective measures for reducing cyber risks in existing critical infrastructure, but to really get ahead of the risks presented by a growing attack surface, cybersecurity and resilience should be addressed at the earliest design and planning phases of new projects. This kind of collaboration, commonly referred to as Cyber-Informed Engineering, consists of discussions among cybersecurity professionals, engineers and project designers to identify and address cyber risks in the control and safety of automated systems. When done at the front end, this approach can make the implementation of cybersecurity controls more effective, efficient and cost-effective than trying to add these measures after the capital project is completed.

Adversaries often look for the path of least resistance when seeking an attack vector to take down a valuable asset. For critical infrastructure, or any organization, it’s important to proactively safeguard systems to keep communities supplied with crucial services. Having a cybersecurity plan in place to identify potential vulnerabilities and a plan to respond to an attack are vital for maintaining the reliability and resiliency of critical infrastructure.

            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.