Building Resilience in Critical Infrastructure
The Patriot Act of 2001 defines Critical Infrastructure as those “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destructions of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”
The critical infrastructure represents the keystone of the entire infrastructure of a country. Remove it and the dependent systems collapse like a pack of cards. In recent times, the critical infrastructure has gained a lot of attention because of the cybersecurity related issues. With cyber war gradually replacing other modes of warfare, the threat to these infrastructure systems has increased multifold. As they are connected to the internet, it makes an easy case for the enemy to target and disable them so as to have a multiplier impact on the entire national security. In fact the attacks have already started. The cyber attack on the New York dam by the Iranians is an example of such an attack. Similarly, the present attacks on the election system of U.S by foreign hackers is another example.
Strategy to secure Critical Infrastructure
So how do we make our critical infrastructure resilient to the cyber attacks? This is the key question that has become a matter of debate among security strategists. Firstly, it is important to note that cybersecurity and physical security are intertwined and essential when it comes to the resilience of critical infrastructure. Imagine a case wherein due to poor physical security an intruder is able to manually install a malware in a computer system thus corrupting the network of a banking firm. Similarly consider a case wherein a data integrity attack on the defense communication systems is able to bring down the level of preparedness of the armed forces. These are not hypothetical but cases that are actually possible in reality. Therefore, resilience of our critical assets has to be based on a close partnership between the two dimensions of security viz cyber and physical security. They have to be handled as two departments in one organization with a single unified command and collaborations between the teams.
Secondly, the responsibility of increasing the resilience and robustness of critical assets lies on both the government and the private sector. The key factor here is the “investments” which are pivotal to the resilience of our critical assets. If there is a strong mutually reinforcing partnership between public and private sectors on strengthening these systems, the investments will definitely show correlated strategic returns that would further enhance the capabilities of both public and private sector. The public sector will be able to provide better security and rapidly respond to and recover from any hazardous event. Similarly, the private sector would be able to resume business operations quickly and losses would be minimum in case any cyber hazard occurs.
Thirdly at the tactical level, an agile incident response system needs to be ready for every critical asset. The response should be well tested in advance. Such a strategy is highly productive when an incident happens. It eliminates lack of accountability, duplication of work and confusion over how to effectively respond to the attack. With an incident response system in place, each responsible person knows how to identify the attack vectors, respond to and recover from the attack.
Finally, situational awareness is the factor that is indispensable to resilience of the critical infrastructure. It is the lynchpin that binds all the other strategy factors together and makes them an effective potent force. A consistent awareness about what’s happening in cyberspace is what inculcates situational awareness and this is where Cyware is meaningfully contributing towards resilience of our cyberspace that includes the cyber aspects of our critical infrastructure.