Adrian Johnson
TLDR:
Key Points:
- Protecting critical infrastructure operational technology without causing disruptions is crucial.
- Defenders must be careful with security changes to avoid operational disruptions.
Experts emphasize the importance of caution in safeguarding critical infrastructure cybersecurity. As essential sectors such as water and energy become increasingly vulnerable to cyber attacks, defenders must navigate the complexity of protecting operational technology (OT) without inadvertently causing disruptions in the services they seek to protect.
Anthony DiPietro, technical director of the NSA’s defense critical infrastructure division, highlights the need for security measures that do not disrupt system availability. He warns against introducing sensor latencies that could impact timing and, ultimately, result in safety issues. Similarly, Nushat Thomas from the EPA advises water utilities to avoid automatic software updates that could interrupt OT processes and opt for manual updates instead.
CISA provides technical assistance to help critical infrastructure owners manage cyber risks, but a GAO report points out shortcomings in staffing and response to significant incidents. Despite voluntary cybersecurity measures in the water sector, there are calls for more stringent requirements to drive down risks effectively.
Overall, a cautious approach to cybersecurity in critical infrastructure is essential to maintain both security and operational integrity, ensuring that defenders can protect essential services without inadvertently causing disruptions.
