Co-authored with Dani Schrakamp
Last week, we gained some valuable perspective from the UK and discussed barriers to change. Today, #GovernmentNow will dive into the important topic of security and trust as it relates to safeguarding our critical infrastructure.
We are living in an unprecedented time. Society has shifted, and we are all relying more and more on access to remote connectivity for key aspects of life from work, to our children’s day-to-day learning, and healthcare, to simply connecting and socializing. Governments are no exception. In a flash, governments across the globe found themselves unprepared to fully support a remote workforce and virtual service delivery. In fact, many organizations were forced to scramble and build systems that stretched IT resources to the edge, near their breaking point.
According to the U.S. Bureau of Labor Statistics, only 15.2% of local government employees regularly worked remotely from 2017 to 2018. The sudden shift to remote work has also shed light on the necessity of building robust and secure foundational infrastructure. For example, fiber-optic networks within cities and communities show promising value for linking local governments, businesses, and citizens to important tools and resources for seamless continuity in today’s world.
Now, IT teams must adapt to a new reality. They must manage network capacity for a fully remote or hybrid workforce, control more endpoints and devices, and prepare for a heightened potential for cyberattack. During major crises, evidence shows that the threat landscape expands and targets like critical infrastructure become more vulnerable. What’s worse, these cyber threat actors can easily blend into a sea of legitimate traffic. For example, after the state issued a stay-at-home order, North Dakota reported incidents rising from the average of 1,500 to more than 7,000 incidents a week.
Shift to digital industrial solutions
Operating and maintaining industrial critical infrastructure with diligent 24/7 coverage continues to be a key challenge in the current industry environment. In the water sector, for example, Knoxville County Utility, like many other agencies across the US, opted for its mission-critical employees to shelter in place at the water facilities rather than in their own homes. Yes, this creation of ‘Quaran-teams’ helped protect business continuity and the availability of clean drinking water for the community. But this kind of model may be neither sustainable nor preferable for the future.
This balancing act continues to evolve. Health and safety of the workforce, operational continuity, and service delivery all require attention. Government agencies that manage industrial critical infrastructure are rapidly revisiting their resilience and continuity strategies. Many of these organizations have made quick work, leaning into the enablement of secure remote operations for essential functions.
Prior to the pandemic, many critical infrastructure segments were on the path toward digital transformation. Organizations had been standing up secondary networks, such as connectivity for the Internet of Things (IoT). This allows for critical operational efficiencies, particularly in times of dwindling resources, while deriving better business intelligence through increased asset visibility and improved customer service. With the adoption of these new technologies, critical infrastructure systems are no longer air-gapped, which exposes them to major cyber vulnerabilities.
Cybersecurity concerns on the rise
As a result of greater reliance on digital solutions and now, with the move to virtualized government services and a growing remote workforce, cybersecurity systems are being put under extreme pressure. Industrial Control Systems (ICS) are essential to running critical infrastructure, such as water and electric facilities. Attacks against ICS pose serious risk to public health, safety, and national security. Many of these systems run on outdated or patchwork technologies with known vulnerabilities. As today’s ICS become IT-centric and hyperconnected, they are exposed to the growing threat landscape that IT systems face while lacking a strong security posture. That is why, for example, America’s Water Infrastructure Act of 2018 has required community water systems serving more than 3,300 people to develop or update risk assessments and emergency response plans. The law specifies the components that the risk assessments must address, and for the first time, it includes cybersecurity.
The need for remote work, remote operations, and advanced digital solutions for critical industrial infrastructure is here to stay. This only further highlights the importance of implementing foundational cybersecurity solutions in industrial environments.
Building resilient and sustainable cyber solutions is key
Rather than considering band-aid solutions that address cybersecurity needs in a fragmented fashion, it is imperative that government agencies build their foundational digital infrastructure with comprehensive security in mind. Where risks are known, actions are clear. But with unknown risks, there needs to be a focus on disciplined security practices that meet the needs of a world that increasingly exists online.
When it comes to cybersecurity, no single product, technology, or methodology can fully secure critical infrastructure systems. Protecting assets requires a holistic, defense-in-depth security approach that addresses internal and external security threats. IT leaders must understand industry trends, prioritize security programs, and leverage how their organizations manage and mitigate risk.
Zero trust security is an effective model that addresses this challenge. This year, the National Institute of Standards and Technology (NIST) released a second draft of Special Publication 800-27 on zero trust architecture, describing how cybersecurity is evolving from static perimeter controls toward a focus on users, assets, and resources. While perimeter controls have their place, more emphasis is needed on protecting what lies within.
When it comes to ICS networks, it is paramount to minimize control system exposure. Having a clear and well-defined separation of the operations technology (OT) systems, organization network, and cloud environments allows for segmented protections throughout the network.
Security that is trustworthy, transparent, and accountable
Cisco offers one of the industry’s most comprehensive and advanced security portfolios.
Our approach reduces complexity, while providing superior visibility, continuous control, and advanced threat protection across the extended network. Cisco is dedicated to building effective security, exactly in line with the NIST Cybersecurity Framework – Identify, Protect, Detect, Respond, and Recover. This framework enables organizations of all sizes to discuss, address, and manage cybersecurity risk, which can be plugged into existing governance and risk management processes.
Specifically for ICS network protection, Cisco’s Cyber Vision is developed as an integrated IT/OT solution that provides asset visibility including dynamic asset inventory and real-time monitoring of process data to ensure system continuity, resilience and safety.
Cyber Vision is built into industrial network equipment so OT security can be deployed at scale. It also feeds existing cybersecurity platforms with information on OT assets and events for a unified IT/OT threat management strategy.
The bridge to possible
Our journey to security and trust starts with you. Cisco is reimagining what’s possible with security that’s built for you. Simplified, without compromise. We’re here to help you stay protected today and face whatever threats come your way tomorrow so that you can confidently build for the future.
What do security and trust mean to you? Comment below. Share your thoughts. Join the conversation. And keep an eye out for our next #GovernmentNow post.