The Intelligence and National Security Alliance (INSA) last week launched its critical infrastructure subcommittee to examine cyber threats to this critical sector by both government and industry to secure essential networks.
The subcommittee will examine issues of interest to both its members and INSA member organizations. Its initial focus areas will include briefings on cyber threats to critical infrastructure sectors, securing critical infrastructure supply chains, improving the speed of declassification and tearline report publication to facilitate faster industry response to cyber threats, and expediting the process of securing clearances for critical infrastructure employees.
The critical infrastructure subcommittee will begin its work with an initial focus on finance, telecommunications, energy/electric, and the defense industrial base (DIB). The subcommittee will aim to assess current and future cyber threats to privately owned critical infrastructure and their implications for national security. It will deliver strategies to mitigate cyber threats to select critical infrastructure operations and identify areas for greater public-private collaboration through Sector Coordinating Councils (SCCs), Information Sharing and Analysis Centers (ISACs), and other platforms.
It will also identify and address obstacles to greater public-private collaboration, and serve as a forum for government and industry experts to share perspectives, develop new insights, better account for risk, build resiliency, and promote best practices.
“Government agencies and critical infrastructure operators must improve their cybersecurity cooperation and share information on cyber threats more effectively,” Larry Hanauer, INSA’s vice president for policy said in a press statement. “INSA’s new Subcommittee will examine ways in which public-private collaboration can help secure networks in critical infrastructure sectors such as financial services, telecommunications, and the defense industrial base.”
Chris Boyer, AT&T’s vice president for global security and technology policy, will serve as the head of the critical infrastructure subcommittee, while Rich Johanning, Amentum’s vice president for mission engineering, and Sydney Jones, CME Group’s lead for the global information security external engagement team will take on the role of vice chairs on the subcommittee.
The critical infrastructure subcommittee will meet quarterly, and members will promote strategies to mitigate cyber threats to critical infrastructure operations. They will also identify areas for greater public-private collaboration through Sector Coordinating Councils (SCCs) and Information Sharing and Analysis Centers (ISACs).
Initial focus areas may include threat assessments of cyber threats to critical infrastructure sectors and steps needed to secure critical infrastructure supply chains.
Recent cybersecurity incidents, such as the SolarWinds supply chain cyber incident was likely caused by an advanced persistent threat (APT) actor, who may be deeply burrowed in compromised networks, and full eviction could be costly, highly challenging, and complex.
Another recent incident was the Oldsmar water plant hack that witnessed unidentified cyber attackers gaining access remotely to a panel and trying to change the settings that control the sodium hydroxide level at the water treatment plant. Modifying the setting could have drastically increased the amount of sodium hydroxide in the water supply from about 100 parts-per-million (ppm) to about 11,100 ppm.
In light of the ever-changing cybersecurity landscape, the National Security Agency (NSA) rolled out guidelines last week and an evaluation methodology, to improve operational technologies (OT) and control systems cybersecurity. The advisory, described as a “significant shift,” includes understanding how the OT systems are viewed, evaluated, and secured within the U.S. to prevent malicious cyber actors (MCA) from executing successful, and potentially damaging, cyber effects.