Building Resilience in Critical Infrastructure

Resiliency is the key to surviving after a cyberattack, especially in critical infrastructure. Having an emergency response plan will help you to prepare and respond to an incident so that your organization can return to business as usual with as little impact as possible.

But how do you build resiliency into your critical infrastructure?  It’s a crucial question, given the results of the second annual RSA Cybersecurity Poverty Index[1], which compiles survey results from 878 respondents across 81 countries and more than 24 industries:

• For the second straight year, 75% of survey respondents have a significant cybersecurity risk exposure
• Half of those surveyed assess their incident response capabilities as either “ad hoc” or “nonexistent”
• Government and energy sectors ranked lowest among industries in cyber preparedness

In order to manage and respond to risks, you first have to know the risks to your organization. A big part of that is knowing what infrastructure assets comprise your IT environment. An asset inventory is in fact mandated by NIST (National Institute of Standards and Technology) as an essential part of your cyber response plan.

Once that plan is developed, it should be tested against real world scenarios via simulations.

Whether you need to respond to insider threats or malicious attackers entering into your environment, you need to have a working plan to detect and respond to threats that will allow for minimal downtime and impact on the business.

The themes of the past few weeks of the National Cyber Security Awareness Month have addressed the most important steps that every organization should take in order to best manage risk. Building resilience into your critical infrastructure means that every employee knows about potential threats. And that’s the critical third step to building resilience: train and empower employees.

Employees must be engaged in security awareness training, and business leaders need to review those programs and security policies to ensure that they are current and effective.

Once you understand the risks to your environment, you need to look at your overall security infrastructure to determine whether it is able to defend your business against the current threat landscape. You will need a variety of tools, but you’ll also need to know which tools no longer suit your needs and which tools might be inharmonious with what is required for your evolving ecosystem.

Resilience is not only a matter of technology. A strong security program should include policies for people and technology as well as the physical protection of critical documents. These policies should be clearly written, continuously managed, and constantly enforced.

Your employees must be able to perform their daily duties, but a response plan must also prepare you for the unexpected—so that you are able to return to full functionality after any downtime or emergency. Having the right strategies that are compatible with your business needs is the key to building resilience, and your emergency response plan should prepare your employees for the variety of threats that can compromise your physical and network infrastructure.  

[1] http://www.darkreading.com/prnewswire2.asp?rkey=20160614NE23237&filter=3928