Three Simple Actions to Protect Our Critical Infrastructure
For many years now in the information community and the media, there have been tales of apocalyptic power outages caused by a cyberattack on America’s power grid and energy infrastructure. While this type of large-scale attack against a critical infrastructure (CI) provider has never been borne out – as it turns out, shotguns and software bugs are far more dangerous to grid function – critical infrastructure providers are wise to keep data and network security top of mind.
There have been large-scale attacks in other countries, and attacks against US operators are on the rise, but the most significant risk to utility operators is more likely to come from the inside. While there’s always the risk of a malicious insider, most of the data and systems security challenges faced by critical infrastructure providers fall into the category of accidentally introduced vulnerabilities or unintended consequences. For example, critical infrastructure operators face many challenges opening up their once-closed industrial control systems (ICS) to ensure support for continuous operations and leverage the benefits of Smart Grid. Because these systems were originally designed to be closed and air-gapped, they lack baked-in security functionality at the build level.
However, the greatest need for more robust and resilient security is, as is often the case, where humans are involved. By their very nature, critical infrastructure operations are highly reliant on the use of shared credentials, usually in the form of physical tokens. While tokens provide one layer of security, they can be lost, stolen, shared inappropriately, and otherwise exposed to a host of security threats, even if the original credential breach had no malicious intent. Moreover, most of the credentials lack any auditing capacity to ensure that the credential is being used by the right person in the right way.
Consider taking the following three actions to improve Critical Infrastructure Data and Network Security:
- Follow ICS-CERT, the Industrial Control Systems Cyber Emergency Response Team, to stay up to date on risks within and across all critical infrastructure sectors. ICS-CERT has a repository of awareness and monitoring reports to help your organization stay ahead of threats. You can even follow the team on Twitter.
- Make Privileged Access Management strategies stronger, easier to use, and therefore more likely to be complied with.
- Consider investing in a next-generation authentication solution that facilitates credential sharing without the risk. That is, a solution that facilitates anytime access privileges through location, time, and date parameters while enabling auditing of credential use by individual user.