COMMENTARY: Over the past year, cyber operations by foreign adversaries, including the People’s Republic of China (PRC), have moved away from traditional espionage and data theft to developing strategic plans that could infiltrate and cripple critical U.S. infrastructure.
Moreover, the strategic exploitation of vulnerabilities by foreign adversaries at critical U.S. infrastructure locations could be remotely activated with very severe consequences. An “all at once” cyberattack could devastate numerous public and private organizations. In such a case, many organizations that are not thoroughly prepared may just have to rebuild.
Both domestic and foreign cyberattacks against critical infrastructure are increasing each year. So, government and industry must make a fundamental shift in how it protects critical infrastructure, data, and operations.
Prioritize resilience over prevention
Organizations must shift their approach as modern cyber risks demonstrate that breaches remain unavoidable. By shifting to a resilience mindset, this means teams must decide how they will prepare for, respond to, and recover from a cyberattack. This shift in mindset should include the following:
- Identify and protect critical functions that must continue during incidents.
- Develop rapid data recovery capabilities for when attacks succeed.
- Leverage emerging technologies like artificial intelligence (AI) to build resilience.
- Make practical guidance accessible to resource-constrained organizations, such as those at the state and local levels.
- Regularly test cyber resilience capabilities—no organization should assume any level of confidence without being able to demonstrate it.
Adopt a ‘minimal viable operations’ concept
Define the essential services to protect national security, public safety, and economic stability. For example, healthcare organizations must preserve their emergency response capabilities and patient care delivery when cyberattacks and other disruptions occur.
Source: SC World