There are Many Approaches to Strategy and Vision
Critical Infrastructures and Strategic Operations
Cybersecurity professionals develop and implement strategic operations in order to protect critical infrastructures that support the American people, homeland and American way of life. One of the most important aspects of any cybersecurity strategy impacting critical infrastructures involves staff examining and identifying the physical security measures needed to establish a safe environment in which networking cables, computer assets, supervisory control and data acquisition (SCADA), and programmable logic controllers (PLCs) can each function effectively without disruptions from cyberattacks and human error. It is important to note that no strategy adopted by cybersecurity professionals can guarantee the deterrence of all threat agents from outside of the Federal government networks, or rule out the possibility of an employee exploiting a vulnerability either deliberately or by mistake. However, it remains a best cybersecurity practice for professionals to assess an organization’s physical properties and recommend solutions for protecting them as part of creating policies. Since the majority of the United States’ SCADA controls and PLCs are connected to Federal networks, or in some cases to networks within private sector entities collaborating with the government, it is safe to assert that these control systems are prospective vulnerabilities for cybersecurity professionals managing any of the 16 critical infrastructures throughout the country. Therefore, establishing policies that promote security for both physical and digital assets remains an integral part of the strategy needed to protect critical infrastructures. United States cybersecurity strategic operations should focus on developing policies that enforce standards for information management and network security in order to protect critical infrastructures for private and public entities.
Risk and Vulnerability Assessments
One important feature of the overall strategy for protecting critical infrastructures involves entities designating staff to identify areas of risk or vulnerability and to recommend solutions without disrupting government or business operations. Since policies may change frequently because of changes in the cyber resources needed by a government or business, it is imperative for the strategy to allow for updates on an ongoing basis in order to reflect the security standards of an organization. Developing a strategic operation often includes the following steps: establishing a mission statement, vision statement and specific goals. The mission statement outlines the objectives needed in order to protect critical infrastructures and often appears as one of two strategic options: a risk reduction mission or a loss prevention mission. The risk reduction mission statement aims to provide a solution to vulnerabilities found at the conclusion of a risk assessment by a cybersecurity professional; this method is more often used by organizations with fewer networks to protect, since the statement would not need revision on a frequent basis. For the majority of entities protecting critical infrastructure, the loss prevention mission would be more suitable because it targets specific types of risks and vulnerabilities that the cybersecurity staff will need to be aware of on an ongoing basis, which suggests that it may need to be revised many times in order to accurately reflect the security standards of an organization. The loss prevention mission is more appropriate for managing critical infrastructures, as it typically features data regarding performance metrics, mitigation and prospective data loss.
Sharing Information
One of the most important components of establishing a vision for the protection of critical infrastructures throughout the United States involves individuals and organizations sharing information with the Department of Homeland Security (DHS) in order to discover methods used in accomplishing the prospective vision. While DHS was established by President George W. Bush and his administration as a resource to handle domestic acts of terror as a result of the attacks on the World Trade Center in 2001, the government passed the Homeland Security Act of 2002, which gave DHS the authority and responsibility to use cybersecurity measures for the protection of the country’s critical infrastructures. The law appoints the Secretary of Homeland Security as the primary individual responsible for determining the mission, vision and objectives needed to ensure security within each critical infrastructure. This national policy plays a significant role within both the public and private sectors in the United States, as government entities as well as private organizations can access DHS information through its official website, which includes various documents recommending proven strategies for creating and implementing a strategic vision at any given time. DHS is also available to assist any domestic organization with using counterintelligence, promoting network security and information management, and training staff members on the best cybersecurity strategies. In accordance with the United States’ overall strategy, an effective vision for the government would establish cybersecurity staff within DHS to manage the daily operations of reducing risk and vulnerabilities within information management and network security.
Backward Planning
Backward planning can specify the goals needed to accomplish DHS’ vision by starting with the last objective and examining each previous one in order: establish ongoing research and development, collaborate with law enforcement, enforce standards for critical infrastructure protection, implement strategies for Federal network security, promote information sharing and use the CIA triad. The ultimate goal of applying DHS’ vision is to designate resources within the department that can assist public and private entities with continuous research and development. Since government and business operations that use technology encounter threat agents which constantly evolve with new malicious code and methods of compromising networks, accomplishing a strategic vision remains dependent on cybersecurity professionals examining and implementing new data from DHS in order to use prevention, deterrence and mitigation against existing threats and those likely to arrive in the future. In order for DHS to assist the Federal government and American businesses with keeping up with the most current information regarding threat agents, the department must show flexibility in its research and development areas and also needs continuous funding through Congressional measures.
Collaboration
DHS collaborates with law enforcement agencies in order to protect the American people by conducting forensic analysis on compromised networks and identifying the state or non-state actors responsible for cyberattacks on critical infrastructure. This process requires each department to agree on a specific jurisdiction for investigating cyberattacks, cybercrime and instances of cyberwar. Prior to engaging in collaboration with law enforcement, it would be helpful for DHS to enforce standards for critical infrastructure protection: how to mitigate current and future cyberattacks and how to use incident response policies to protect critical infrastructures from damage by natural disasters. DHS should be able to conduct risk and vulnerability assessments prior to a cyberattack, during a live threat, or after the mitigation process. It is also important to implement strategies for Federal network security by monitoring malicious traffic, informing domestic entities of prospective vulnerabilities, and assisting organizations with mitigation and incident response. DHS’ ability to protect American critical infrastructure through government and business networks serves as a resource for helping other organizations to accomplish their strategic operations.
Strategy
The promotion of information sharing represents one of the most effective strategies for DHS to assist other organizations with the process of protecting critical infrastructures. While there is a substantial amount of open-source information regarding current threats to critical infrastructure, DHS’ ability to share information remains a reliable and effective resource for entities within the United States. The department often shares best cybersecurity practices regarding prevention, mitigation and incident response; this process has a direct impact on the resiliency of government and business networks throughout the country. Prior to engaging in these activities, it is important for DHS to adopt the CIA triad as a goal for accomplishing its strategic vision: confidentiality, integrity and availability.
Impact
Strategic operations regarding the protection of critical infrastructures have a direct impact on American lives. Ensuring the physical security of SCADA controls and PLCs, as well as their stored information, gives American citizens access to many resources: financial data, water supply, transportation, energy and several other forms of critical infrastructure. DHS has the capability to assist other organizations that manage critical infrastructure by sharing information or assisting in removing threat agents as a way of reducing the prospect of any downtime of critical infrastructures, which could have the devastating result of loss of American lives. Therefore, cybersecurity professionals who develop an effective mission, vision and goals can promote the security and quality of life of the American people.