Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the hcaptcha-for-forms-and-more domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the hcaptcha-for-forms-and-more domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114

Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wordpress-seo domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/wp-includes/functions.php on line 6114
Dubai Tech News

Cooperation—Not Regulations—Will Protect Our Critical Infrastructure

Innovation Cooperation—Not Regulations—Will Protect Our Critical Infrastructure Ryan Moody Forbes Councils Member Forbes Technology Council COUNCIL POST Expertise from Forbes Councils members, operated under license. Opinions expressed are those of the author. | Membership (fee-based) Jun 13, 2022, 07:00am EDT | Share to Facebook Share to Twitter Share to Linkedin Ryan Moody, President and CEO, ABS Group of Companies, Inc .

getty At the turn of the millennium, it would have been difficult to foresee the level of global interconnectivity now regarded as commonplace. Technology advanced in the blink of an eye, and the advancement has ushered in a new era of communication, collaboration and cooperation. It has changed lives the world over, enabling new opportunities once thought impossible.

The advancement, however, comes at a cost to critical infrastructure providers and their most important stakeholders: the public. Our increasingly connected world has opened many doors, not all of them good. Threat actors take advantage of those open doors and widening attack surfaces to execute cyberattacks.

They can do so to devastating effect, especially in complex operational technology (OT) environments. With high-profile cyberattacks making headlines across the globe, enterprises are beginning to recognize that their obligations to the public may be more important than their obligations to shareholders. Critical infrastructure companies are uniquely positioned at the intersection of commercial enterprise and public service.

They must meet the moment and build reliable industrial cybersecurity programs that can weather metaphorical storms as well as stand up to literal ones. Who’s really responsible? Incidents like the Colonial Pipeline shut down—and the gas shortages wrought by the attack—brought the frightening reality of vulnerability to cyberattacks to the forefront, as has the rising risk of cyberattacks from nation-state actors. MORE FOR YOU Google Issues Warning For 2 Billion Chrome Users Forget The MacBook Pro, Apple Has Bigger Plans Google Discounts Pixel 6, Nest & Pixel Buds In Limited-Time Sale Event Protecting citizens is a primary function of any government, but the government is not the only entity that plays a part in national defense.

A large percentage (though the actual number is unknown ) of the United States’ critical infrastructure is privately owned, so entities that provide and protect essential infrastructure components must take their own decisive action to safeguard the U. S. infrastructure from cyber threats against industrial control systems (ICS).

Well-intentioned government initiatives like the North American Electric Reliability Corporation Critical Infrastructure Protection (NERC-CIP) and the National Institute of Standards and Technology (NIST) may not be enough to protect critical infrastructure due to officials’ lack of insight into the nuances of OT environments. It’s not their fault. How could officials with no first-hand experience in the industry possibly understand the diverse threats infrastructure enterprises face? After all, manufacturers have different concerns than power grid managers, gas pipeline owners or nuclear plant proprietors—and the government has its own priorities.

All these players share, though, a common interest in protecting their assets, the public and the environment. With this in mind, critical infrastructure leaders around the world have an opportunity in this moment of increased scrutiny to guide the critical infrastructure industry’s future. These entities can govern from within, setting their own goals and priorities for cybersecurity based on experience and real-world applications of technologies.

Infrastructure providers worldwide should view their security initiatives as a necessary function of their operation, not an individual business protection endeavor. They should view protecting critical infrastructure as an imperative for providing those services and take decisive action to craft regulations that safeguard global infrastructure from cyber threats. If the critical infrastructure industry is to take on this self-governing approach to preparedness, it should take collective, cooperative action to address the growing threat of OT cyber attacks.

Better together: Collective defense is key. This would not be the first time that private industry bypassed the slow-moving gears of government to improve the safety and security of their businesses, their employees and the public. The International Maritime Organization (IMO), for example, was the result of a similar need for global standards to improve safety and security for maritime vessels.

Since its founding in 1948, the IMO has sought to secure government and industry regulations on a global scale—and it has been successful. Throughout the organization’s history, it has shaped the maritime industry by enacting international guidelines like the International Convention for the Prevention of Pollution from Ships and developing safety protocols like the Global Maritime Distress and Safety System . There is no reason critical infrastructure providers can’t do the same—and some are already heeding the call.

The ISACA —which is comprised of individual cybersecurity professionals—is undertaking this work to ensure the security of enterprises across sectors. While ISACA focuses on information technology (IT) environments, its long history of developing best practices and offering credentialing to professionals to ensure security stays top of mind illustrates what’s possible when working experts take the lead in developing their own procedures to further their field. Similarly, the recently formed Operational Technology Cybersecurity Coalition , which my company ABS Group recently joined, is laying the groundwork for the type of cooperation that’s necessary to self-regulate an industry with such high risk potential.

It is great for leaders to begin to voice their concerns and take the lead in developing best practices and procedures for OT environments, but this initiative will require all-encompassing participation and cooperation from companies across industrial sectors. Cyber is becoming a business imperative for companies with complex operating environments. Protecting those operations is increasingly becoming an important business decision.

Inadvertently, when infrastructure companies and associated governing bodies effectively safeguard their own interests, they are also protecting our country’s most essential services. Regardless of size or role in the process of providing critical infrastructure, each company must accept the responsibility it has to the continued success and security of all the rest. If the industry can work together to meet this challenge, this sets the stage for more secure services against cyber threats in the decades to come.

Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify? Follow me on LinkedIn . Check out my website .

Ryan Moody Editorial Standards Print Reprints & Permissions.


From: forbes
URL: https://www.forbes.com/sites/forbestechcouncil/2022/06/13/cooperation-not-regulations-will-protect-our-critical-infrastructure/

Exit mobile version