We ended our ‘15CFAM’ campaign in recognition of NCSAM (National Cybersecurity Awareness Month) with a preview to November. Just in case you haven’t had your fill of acronym-soup, we have one more helping. For those of us who support the critical infrastructures that maintain our way of life, November’s recognition of Critical Infrastructure Security and Resilience (CISRM) is the most relevant.

In a White House proclamation, President Trump declares November 2020 as Critical Infrastructure Security and Resilience Month. The proclamation calls on all people of the United States “to recognize the importance of protecting our Nation’s infrastructure and to observe this month with appropriate measures to enhance our national security and resilience.” CISRM, also recognized as Infrastructure Security Month, is a nationwide effort to raise awareness and reaffirm the commitment to keep our Nation’s critical infrastructure secure and resilient. The U.S. Department of Homeland Security's (DHS's) Cybersecurity and Infrastructure Security Agency (CISA) has published an updated Infrastructure Security Month Toolkit for 2020 to assist organizations in promoting and educating on the importance of a secure and resilient critical infrastructure. The 2020 toolkit includes talking points, templates, social media, and online resources to help organizations effectively spread awareness internally and externally. This year’s theme is Critical Infrastructure in a Time of Transformation, and promotes two sub-themes: Security and Response During a Global Pandemic, and The Future of Securing Critical Infrastructure.

In addition, for organizations that have not yet read it, now is a great time to add CISA’s “A Guide to Critical Infrastructure Security and Resilience” to your list of recommended resources. Published last November, the guide shares basic information and lessons learned for critical infrastructure resilience from over the last 15 years, including an overview of threats and hazards to critical infrastructure, an outline of a basic security and resilience plan, and a discussion of the role of risk assessments. The guide was originally included in the Security & Resilience Update for November 14, 2019.

With critical infrastructure facing a variety of threats from natural and man-made sources, it is vital that everyone understands the risks from both a physical and cyber perspective. Threats and hazards to our critical infrastructure range from environmental and meteorological to industrial, technological, physical, and even foreign influence. Likewise, given this year’s acute need for instant access to information and communication due to the transformative mass move to remote work, distance learning, and telemedicine, the importance of strong cybersecurity has never been more apparent. It is up to the critical infrastructure community to spread awareness and a clear understanding that it is all-of-society’s responsibility to recognize, remain vigilant, and protect our critical infrastructure from all of the hazards that threaten our way of life.