Page 168 - Cyber Defense eMagazine June 2024

mandate that those standards are followed. This would then set market conditions for enabling technologies and help give rate regulators confidence that costs are reasonable and should be part of utility rates.

Another area is the emphasis on resilience. Mandating resilience standards means that water sector organizations will have responsibilities for planning, exercising, and building resilience in case incidents do impact water supply. This makes it less likely that a cyber incident will have a significant cascading impact on communities.

This kind of smart security and resilience regulation is a welcome addition to the purely voluntary approach. It is intended to integrate cyber security and resilience into the “cost of doing business,” while relying heavily on private expertise. It is particularly appropriate for the water sector given the current risk environment.

Across many issues, today’s cyber and supply chain risk environment requires new strategies and policies – and related structures – to meet the challenges.

The nation’s leaders have been clear that the system is “blinking red” in terms of threats. The changes needed to address those threats must be made with appropriate urgency.





About the Author

Bob Kolasky is Senior Vice President of Critical Infrastructure at Exiger, where he directs the development of cutting-edge third party and supply chain risk management technology for the critical infrastructure community. Bob is a widely recognized expert with over two decades of experience. He’s a Nonresident Scholar in the Carnegie Endowment for International Peace’s Technology and International Affairs Program, a CSIS Senior Associate, and a Senior Fellow at Auburn University’s McCrary Institute. Bob also served as the OECD’s High-Level Risk Forum Chair. He was the founding Director for CISA’s National Risk Management Center, where he co-chaired the Information and Communications Technology Supply Chain Risk Management Task Force. Throughout his career, he’s worked for government agencies and contractors, including DHS, GAO, Abrams Learning & Information Systems and Booz Allen Hamilton.

Bob Kolasky can be reached online at LinkedIn and at our company website https://www.exiger.com/
















Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.