Building Resilience Is Key in Maintaining Critical Infrastructure
By James R. Lint
Faculty Member, School of Business, American Military University
Contributor, In Homeland Security
Networks require multiple routes to function properly. One malfunctioning router in a large network, for example, can lead to a disaster. The last week of National Cyber Security Awareness Month (NCSAM) looks into the need for resilience.
Information Technology, Cybersecurity Part of Critical Infrastructure
In 2010, the Department of Homeland Security issued a report, A Framework for Establishing Critical Infrastructure Resilience Goals, written by members of the National Infrastructure Advisory Council. This report stated: “Infrastructure resilience is the ability to reduce the magnitude and/or duration of disruptive events. The effectiveness of a resilient infrastructure or enterprise depends upon its ability to anticipate, absorb, adapt to, and/or rapidly recover from a potentially disruptive event.”
DHS and the nation’s cyber stakeholders have long recognized information technology and cybersecurity as a critical infrastructure. The criticality of cybersecurity is evident when it is assessed against the other designated sectors listed in the Presidential Policy Directive (PPD) on Critical Infrastructure. Most of the other listed sectors in the directive are connected to information technology and require cybersecurity.
Critical Infrastructure Includes More than Just Power Grids
Electric stations, grid instructions and alerts travel via information technology. Healthcare too is a critical infrastructure.
For a final look at criticality, think about traffic lights, which are just the tip of the transportation system. What if traffic lights were out for a week? What if the bus and train scheduling systems shut down? What if aviation systems were corrupted and flights were diverted to the wrong cities?
Each of these scenarios has cascading effects. You cannot get to work, to a meeting or even to pick up your children in a timely manner after school. Criticality is easy to see.
Ransomware Impacts Healthcare Functions
We have seen how ransomware used against the Hollywood Presbyterian Medical Center in Los Angeles. The hospital paid $17,000 to the perpetrators after negotiating down the seven-figure ransom.
After the hackers’ attack on this L.A. hospital, ransomware received industrywide attention. But hospitals may not be an isolated target. According to a 2016 Forbes magazine article by contributor Kevin Murnane, “The percentage of ransomware infections may seem modest for some industries but the increase in infections for all industry sectors over the past year gives cause for concern. Education and government have been particularly hard hit.”
With the interconnected critical infrastructure sectors, the potential for disaster and disruption is clear. Cascading cyber incidents could be caused by lax cyber security or by hackers.
Managing Risk through Collaboration
According to DHS, “Critical infrastructure must be secure and able to withstand and rapidly recover from all hazards.” Various levels of the government, private sector owners and operators of critical infrastructures need to work together to meet this goal.
Understanding cyber risks is based on information exchange and collaboration. One of the best organizations is InfraGard, an information sharing organization run in conjunction with the FBI.
DHS Is at the Forefront of Cyber Security
While DHS provides guidance to the various critical infrastructure sectors through many of its collaboration efforts, it also leads the federal effort to provide security and resilience to our nation’s critical areas. DHS led the way with National Cyber Security Awareness Month in October and has partnered with InfraGard in the National Capital region to promote November as Critical Infrastructure Security and Resilience Month.
How Citizens Can Make the Nation Stronger
Infrastructure owners can invest in cyber risk management products and plans. It’s good to have a risk management plan, but a knowledgeable workforce will give us true resilience to overcome a catastrophe. Businesses must develop continuity plans that are imaginative enough to identify and overcome a multitude of cyber problems.
By using InfraGard and other collaboration tools, more organizations can share threat and incident information to improve our knowledge of cyber risks. It’s important to train employees to report suspicious activity. Often, the experts working every day in critical infrastructures will see potential issues and can report anomalies that others may not recognize or understand.
Resilience requires collaboration and planning at all levels of government and industry. It is also an area where young leaders can study and excel, which can provide future protection for businesses and the nation.
About the Author
James R. Lint recently retired as the (GG-15) civilian director for intelligence and security, G2, U.S. Army Communications Electronics Command. He is an adjunct professor at AMU. Additionally, James started the Lint Center for National Security Studies, a nonprofit charity that recently awarded their 43rd scholarship for national security students and professionals. He has 38 years of experience in military intelligence within the U.S. Marine Corps, U.S. Army, contractor and civil service.
James was also elected as the 2015 national vice president for the Military Intelligence Corps Association. In 2016 he was accepted as a member of the Military Writers Guild. He has served in the DHS Office of Intelligence and Analysis and at the Department of Energy’s S&S Security Office. James had an active military career in the Marine Corps for seven years and also served 14 years in the Army. His military assignments include South Korea, Germany and Cuba in addition to numerous CONUS locations. James has authored a book published in 2013, “Leadership and Management Lessons Learned,” and a new book in 2016 “8 Eyes on Korea, A Travel Perspective of Seoul, Korea.”