The Cybersecurity and Infrastructure Security Agency (CISA) kicked off Infrastructure Security Month (ISM) on Monday, November 1. Like Cybersecurity Awareness Month, each week has a unique focus area, which all support a single monthly theme. This year the theme is Critical Infrastructure Security and Resilience: Build It In. This theme is meant to underscore the importance of building infrastructure with security and resilience in mind.
The United States has identified 16 sectors as critical infrastructure:
- Commercial facilities
- Critical manufacturing
- Defense industrial base
- Emergency services
- Financial services
- Food and agriculture
- Government facilities
- Health care and public health
- Information technology
- Nuclear reactors materials and waste
- Transportation systems
- Water and wastewater systems
An infrastructure sector is considered ‘critical’ if the United States government has determined that the operations and services of that sector are vital to national security and public health. You can read more about this on the CISA infrastructure security page.
Week 1: Interconnected and interdependent critical infrastructure: Shared risk means building in shared responsibility
Because the critical functions within our society are so complex and interconnected, there’s no single area of expertise or ownership that can manage the complete risk. Many of the risks associated with critical infrastructure are geographically dispersed and managed by a variety of private and public entities. These entities will have to work together to create standards and protocols for mitigating risk and managing incident response. CISA Director Jen Easterly, Congressman John Katko, and private sector stakeholders are currently working on identifying which sectors need additional resources to help secure them from ransomware and other attacks. Meanwhile, hacking gangs are actively developing supply chain attack capabilities, and critical infrastructure sectors remain on high alert.
If you are interested in learning more about critical infrastructure security, you can find free training courses and other resources on the CISA website. For more on how you can participate in Infrastructure Security Month, visit the official site here.
Christine Barry is Senior Chief Blogger and Social Media Manager at Barracuda. Prior to joining Barracuda, Christine was a field engineer and project manager for K12 and SMB clients for over 15 years. She holds several technology and project management credentials, a Bachelor of Arts, and a Master of Business Administration. She is a graduate of the University of Michigan.
Connect with Christine on LinkedIn here.