"Resilience Seen as a Key to Critical Infrastructure Security"
The recent string of major supply chain and critical infrastructure attacks highlighted threat actors' willingness to target those systems and the importance of organizations planning for such attacks and being able to recover from them when they occur. Incidents such as the software supply chain attacks on SolarWinds and Kaseya, as well as the ransomware attack on Colonial Pipeline, can have long-term consequences for customers and other organizations for months or even years. They can also make government agencies and defenders more aware of specific vulnerabilities and weak points that organizations have, as well as stimulate new thinking about how to address them. The DarkSide ransomware attack on the Colonial Pipeline, a major gas delivery conduit, exemplified the ever-increasing overlap between cybersecurity incidents and real-world consequences. Resilience is an important property for both critical infrastructure networks and enterprise networks, but it is not easy to achieve. Absorbing, responding to, and recovering from attacks are critical capabilities for security teams, but they need a thorough understanding of an organization's strengths and weaknesses, comprehensive planning, and the ability to redirect resources as needed. It also requires collaboration, both within and outside of the organization. The White House issued a fact sheet on critical infrastructure security, emphasizing the importance of increased collaboration with the private sector and a more attack-resistant approach. Although utilities, transportation systems, and other critical infrastructure components have all been shown to be vulnerable to cyberattacks, the good news is that many of these systems were built with resilience in mind from the start. Power companies, water companies, and rail operators must deal with a variety of disruptions on a regular basis and have contingency plans in place. This article continues to discuss the importance of bolstering resilience in critical infrastructure security.
Decipher reports "Resilience Seen as a Key to Critical Infrastructure Security"