Securing Critical Infrastructure

Securing Critical InfrastructureDoron Harel

Résumé: Governments are having to work out how to protect their critical assets. Some assets are managed by themselves, and some by the private sector, but all fall under the state’s responsibility to provide services and protect its citizens. Which is why we have seen governments in recent years developing and enforcing security regulation over critical infrastructure.
A critical infrastructure sector can be described as one whose assets, systems, and networks, whether physical or virtual, are considered so vital to their country that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.
As more critical infrastructure is digitalised to respond to the increasing needs of society, the attack surface increases – and with it, the prospect of life-threatening disruption.
This is a conundrum that is further exacerbated by the fact that Operations Technology (OT) often exists outside of Information Technology (IT), with one being more concerned about productivity and efficiency, versus the other whose priority is cybersecurity.
Organisations understand the price of not complying with current regulations, but the cybersecurity impact can be even greater if an organisation is hit by hacking activity, ransomware, or stealing their “Crown Jewels”.
Ransomware attacks have targeted everything from private businesses to the government to hospitals and health care systems. The latter are especially attractive targets, given how urgent it is to get their systems back up as soon as possible.

Télécharger