Hello, and welcome back to this next TomCast from GuardSight; we are a tactical cybersecurity-as-a-service organization dedicated to helping businesses protect their data, their assets, and their endpoints.
Today we are going to discuss critical infrastructure, what it means, and what it encompasses. This is a follow on to the discussion we had a couple of weeks ago regarding municipal security and the doorway municipalities provide into the nations critical infrastructure. Hopefully this will help you gain some awareness and education on why cybersecurity is so vital.
Ok, so let’s start with just what critical infrastructure means. Heading over to the National Institute of Standards and Technology, or NIST, the definition they have there for critical infrastructure is as follows:
“System and assets, whether physical or virtual, so vital to the U.S. that the incapacity or destruction of such systems and assets would have a debilitating impact on security, national economic security, national public health or safety, or any combination of those matters.”
Dang, a debilitating impact on security, the economy, health and safety, or any combination thereof. Yeah, I can see how they would deem those areas as critical. So do you remember why I was stressing the importance of cybersecurity within our municipalities? If they are handling transactions that involve critical infrastructure, wouldn’t it seem like those transactions would need to be protected as much as possible?
So, what are those systems and assets, physical and virtual, that would impact the nation so severely if impacted? Well, there are sixteen sectors, actually, that encompass those physical and virtual assets, and those sectors are:
- Chemical
- Commercial Facilities
- Critical Manufacturing
- Dams
- Defense Industrial Base
- Emergency Services
- Energy
- Financial Services
- Food and Agriculture
- Government Facilities
- Healthcare and Public Health
- Information Technology
- Nuclear Reactors, Materials, and Waste
- Transportation Systems
- Water and Wastewater
There are many facets to each of these sectors, but a breach into any of those facets could possibly compromise the whole. So, again, jumping back to the conversation regarding our nations municipalities, what areas, or what sectors, could be potentially impacted through them? Well, transactions involving transportation, emergency services, water and wastewater, and dams are just a few. See, think about not only national level critical infrastructure, but small rural critical infrastructure. Not all dams are large like the Hoover dam or are nearly as well known. Not all transportation systems are massive complex systems like New York City. But, since convenience outweighed security long ago, the need to connect them all seemed to be a good idea.
So, traveling along the information highway of the internet could possibly have stops that impact small portions of a much larger sector, thereby weakening the infrastructure as a whole. Even the smallest regions within each of these sectors requires security. It cannot continue to take a back seat and remain a non-priority.
The folks within GuardSight understand this more than many, as they see the impacts of cyber attacks each and every day. They see the ways threat actors access systems, how they pivot and move from system to system gathering whatever they are there to gather. Sometimes those threat actors aren’t as interested in harvesting information as much as they are interested in destroying whatever they can. So, wouldn’t it be nice to have a tactical unit on your side to help defend our critical infrastructure?
We here at GuardSight thank you for taking the time to listen to this TomCast. For more information on various cybersecurity tips head on over to our website and check out more TomCasts. Those are located over on www.guardsight.com/tomcast. Or, if you would like more information on what GuardSight can do for you, head on over to www.guardsight.com and contact us. There are several free cybersecurity tools out there that can help you improve your overall security posture. We’d love to hear from you! Thanks!