Insight
Understanding How the U.S. National Cybersecurity Strategy Impacts Your Business
The 2023 U.S. National Cybersecurity Strategy is a direct response to the increasing frequency of cybersecurity threats and the impact they can have on the nation’s critical infrastructure, leading to cyber physical consequences that threaten the safety of people and the environment, not to mention the potential financial and reputational impact to a business.
Expanding digitalization has had the unintended consequence of increasing exposure to cybersecurity threats. Devices and systems that historically were used in isolation are now interconnected, and that has made those devices and systems prime targets for cyberattacks. With digitalization opening a connection between IT and OT (Operational Technology), protecting OT is more important than ever. And as digitalization progresses, there will be increased exposure of vulnerable systems. Critical infrastructure currently lacks (with few exceptions) sufficient monitoring of OT environments, much less the in-depth defense needed to prevent an attacker from moving through a targeted network.
Governments around the world are taking a closer look at those potential vulnerabilities.
And although the hierarchy of concerns varies from one nation to another,
across the board, critical infrastructure ranks at the top of the list.
Damage to infrastructure and disruptions in service can be quite expensive in financial terms, but attacks in industrial settings have the added potential for physical repercussions, including serious environmental consequences and even injury and loss of life.
The U.S. National Cybersecurity Strategy, released by the U.S. government on March 2, 2023, is evidence that the United States is starting to take this threat seriously. While the strategy is a good step, it will take all critical infrastructure owners and operators to focus on securing and monitoring these environments to move the needle substantially. Governments alone cannot accomplish the mission of protecting critical infrastructure.
Protecting Critical Infrastructure
The U.S. National Cybersecurity Strategy sets out a comprehensive cybersecurity plan consisting of five pillars:
- Defend critical infrastructure;
- Disrupt and dismantle threat actors;
- Shape market forces to drive security and resilience;
- Invest in a resilient future;
- Forge international partnerships to pursue shared goals.
Although the strategy is not precise in terms of how the goals will be accomplished, it is a clear indicator that cybersecurity is a critical concern at the highest level. Technology is being treated as a component of critical infrastructure, which means the importance of protecting technology has been elevated. And minimum cybersecurity requirements will apply across industries because of the close relationship between government operations and private providers.
The U.S. government is looking to companies to increase cybersecurity vigilance and to develop processes that decrease the likelihood of an incident, as well as improved ability to recover should one occur.
Taking the Lead
A group of private companies, including Сòòò½ÊÓƵ, has taken the initiative to help improve cooperation between the public and private sectors by setting up a platform for sharing data that will help the OT community rapidly identify, assess, and respond to potential and emerging threats.
ETHOS (Emerging THreat Open Sharing), an open-source, vendor-agnostic technology platform for sharing anonymous early warning threat information across industries, will function like a hotline that correlates information from many security vendors to identify anomalous behaviors. The objective is to use this platform to help strengthen cybersecurity defenses across industries and ensure more effective government communication and support. In the hope of increasing participation, the founding companies have extended membership to any individual, organization, or security vendor that wants to be part of this coalition.
Although ETHOS is only one of many initiatives that will be needed to address cybersecurity concerns, its success should mean fewer asset owners becoming victims of preventable cyberattacks as a result of sharing actionable indicators to help create a broader view of the non-theoretical threat landscape.
As large-scale efforts like ETHOS progress, organizations should also to focus on bolstering their internal cybersecurity programs.
Establishing a Framework for Success
The National Cybersecurity Strategy is the first step in setting general expectations to protect the nation’s critical infrastructure, and as it matures, more specific requirements will be defined. As the Strategy evolves, your organization should create a process that allows it to continually assess its current cybersecurity program, identify vulnerabilities, and quickly implement solutions.
A good way to begin is to initiate an evaluation and review of your OT cybersecurity program that follows the five foundational elements of the National Institute of Standards and Technology (NIST), IEC 62443 and ISA99:
- Identify and prioritize organizational assets and assess the potential impact of a cybersecurity event on those assets.
- Protect organizational assets by implementing security controls that reduce the likelihood and/or impact of a cybersecurity event.
- Define and detect cybersecurity events as they occur.
- Respond to cybersecurity events in a timely and effective manner to minimize damage.
- Recover from cybersecurity events in a timely and effective manner to restore operations.
Following a risk-based approach to developing a cybersecurity plan can better position your organization for future implementation once the U.S. government develops more detailed guidelines for implementing the National Cybersecurity Strategy. With the risks identified and the processes established for resolving them, you’ll have a framework that you can use to meet prescriptive requirements when they are announced.
Implementing for the Present and Preparing for the Future
The National Cybersecurity Strategy is not yet detailed for implementation, but that does not prevent you from working to create or improve on your organization’s OT cybersecurity plan.
Our team of experts at SWOT24™, Operational Technology (OT) Cybersecurity by Сòòò½ÊÓƵ, can help you set up processes that allow you to implement a cybersecurity program and improve and update it as the threat environment and federal requirements change.
We help you assess your architectural defense and establish a means of securing the perimeter and controlling access, evaluate your visibility into the IT and OT environment and your ability to monitor it, and assess your vulnerability management program and incident response plan.
Together, we can strengthen your cyber defenses, and collectively, we can improve cybersecurity for critical infrastructure in the United States and around the world.
Why SWOT24?
We're the Experts
SWOT24™, OT Cybersecurity by Сòòò½ÊÓƵ, provides a comprehensive portfolio of OT cybersecurity consulting, implementation and risk management services. We help organizations, like yours, identify and mitigate critical cyber threats in real-time. We focus on stopping the bad guys so you can focus on what really matters: Your Operations.