Protecting critical infrastructure and associated challenges was a recurring theme during (ISC)² Security Congress 2021, which took place virtually from Monday to Wednesday this week. It was the subject of various sessions and came up during a keynote session delivered by Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency (CISA).
Krebs said critical infrastructure needs to be hardened against foreign adversaries that might have an interest in disrupting it at some point. CISA and other agencies are working to come up with standards and practices for infrastructure security. And they are looking for input from the cybersecurity industry.
One of the main challenges with securing critical infrastructure is the move to connect IT and operational technology (OT), which often involves also connecting to Industrial Internet of Things (IIoT) networks and cloud infrastructures. One of the biggest fears is that combining physical and cyber assets through OT/IT convergence creates new risks for OT, which is then subject to the same cyber threats as the other systems.
CISA wants to hear from cybersecurity and IT professionals about the challenges they face in securing all of these systems, Bradford Willke, CISA’s senior advisor for cyber-physical convergence, said during a Tuesday morning session.
Importance of VisibilityUsing examples such as the recent ransomware attacks on JBS and the Colonial Pipeline, Willke stressed the importance of visibility into systems that combine physical operations and IT networks. With better visibility, he said, organizations will be able to more quickly identify when an attack is taking place and whe ..
Support the originator by clicking the read the rest link below.
