Why Does it Take a Real-World Incident to Spur Cybersecurity Resilience Actions?

There is certainly no shortage of advice and best practices being labeled with “COVID-19” to grab our attention. But the fact of the matter is, whether it is hand washing or cyber resilience, the guidance is valid for all-time. But, it is an unfortunate reality that it often takes an incident to spur us into shoring up cyber hygiene, or personal hygiene for that matter. Whether out of complacency, denial, lack of support or resources, many organizations and individuals simply do not act until it is nearly too late. The COVID-19 situation has placed a great strain on all facets of our national infrastructures, but for engineers and operators responsible for keeping critical infrastructure services operating effectively for those of us consuming it at home, there is no better time than the present to tackle some of those resilience initiatives on the to-do list – especially with the AWIA 2018 Risk and Resilience Assessment certification deadlines looming. That said, as the foundation of a resilient utility is a comprehensive asset inventory – regardless of pandemic status – industrial cybersecurity firm Verve Industrial Protection posted four manageable recommendations for managing ICS endpoint security. To complement WaterISAC’s 15 Cybersecurity Fundamentals, #1 – Perform Asset Inventories, Verve builds on the importance of a detailed inventory of all software, hardware, users, accounts, etc. in your OT environment. The post also discusses practical approaches to remediating identified risks, identifying and alerting to “out-of-normal” changes, and codifying and communicating incident response and recovery plans. Read more at Verve