"Closing a Critical Gap in Cybersecurity"

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) was established as the nation's risk adviser to work with different entities within the realms of government and industry to strengthen the country's cybersecurity. One of the principal responsibilities of the agency is to protect U.S. critical infrastructure from cyberattacks by sharing cyber threat information with public and private entities. According to the CISA's first director, Christopher Krebs, the agency discovered the exposure of industrial control systems (ICS), including those used for water pumps, emergency management equipment, and a natural gas facility, to the public Internet. However, the identity of the owner or operator of these vulnerable systems is often unable to be determined by the CISA due to current laws that limit information-sharing by internet service providers (ISPs). The inability to identify the owner or operator of a vulnerable system makes it difficult to address vulnerabilities as those behind the operation of these systems would need to be contacted and advised on how to mitigate the vulnerabilities. This article continues to discuss the CISA's role and responsibilities, as well as the challenges the agency faces in protecting the nation's critical infrastructure.

Homeland Security News Wire reports "Closing a Critical Gap in Cybersecurity"