What Critical Infrastructure Security Leaders Should Know

From A Comprehensive Resource Guide for Securing Critical Infrastructure by Rockwell Automation 

Many ICS systems are easily accessible to hackers, as this investigation by the research-based publication Cybernews.com shows. The threat landscape continues to evolve. Gartner points out that as OT systems are changing, so are the threat actors’ tactics and techniques. 

Hackers remain the top source of ICS network intrusion, a SANS survey of 480 cybersecurity practitioners found. Weak security protocols and lack of standardization contribute to IoT attacks in the Critical Infrastructure sector, notes this article published by the World Economic Forum. 

Top Threats Impacting Critical Infrastructure 

• Malware. The UK National Cyber Security Centre provides an explanation of how malware works, along with examples and defense strategies. 

• Advance persistent threats (APTs). Get technical details from CISA and advice from the NSA on mitigation strategies. 

• Insider threats. The U.S. National Counterintelligence and Security Center provides guidelines for Critical Infrastructure entities and CISA offers a guide for implementing an insider threat program for Critical Infrastructure. 

• Nation-state attacks. Review examples in this CISA article about threats originating from China. 

• Ransomware. Watch a virtual discussion with CISA’s acting director and the McCrary Institute for Cyber and Critical Infrastructure Security, and read CISA’s overall guide to ransomware for IT professionals. 

Cybersecurity Fundamentals and Best Practices 

Government agencies, industry-specific organizations, and professional cybersecurity services firms offer guidance around creating and implementing the right cybersecurity program. Below are several articles and websites outlining best practices around Critical Infrastructure defense.  One of the core cybersecurity frameworks recognized worldwide is from the U.S. National Institute of Standards and Technology (NIST). NIST’s SP 800-82, “Guide to Industrial Controls Systems (ICS) Security” includes an overview of ICS, covering security fundamentals such as risk management and assessment, security architecture, and the application of IT controls to ICS, as well steps for responding and recovering from security incidents. 

These resources offer ‘at a glance’ best practices: 

• Tips and Tactics for Control Systems Cybersecurity. A NIST infographic with quick tips and fundamental steps to take. 

• Cybersecurity Practices for Industrial Control Systems. A high-level but comprehensive, two-page overview from CISA and U.S. Department of Energy (DOE). 

• ICS Cybersecurity for the C Level — a two-page guide to help facilitate cybersecurity conversations with the C suite and other stakeholders. 

For a deeper dive into the current threat landscape and on getting started with a cybersecurity plan, read CISA’s “A Guide to Critical  Infrastructure Security and Resilience.” Additionally, the WaterISAC’s comprehensive “15 Cybersecurity Fundamentals for Water and  Wastewater Utilities” discusses best practices that are applicable across the Critical Infrastructure sector, including: 

• Performing asset inventories 

• Enforcing user access controls 

• Creating a cybersecurity culture 

• Securing the supply chain 

• Implementing threat detection and monitoring