Features
Industry
Management & Strategy
Manufacturing
Medical
Mining, Oil & Gas
OT Network security
Threat Landscape
Transportation
Utilities: Energy & Power, Water, Waste

CISA update provides guidance on Coronavirus (COVID-19)

March 20, 2020
CISA update

As the coronavirus (COVID-19) crisis continues to unfold, the US Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance on defining the Essential Critical Infrastructure Workforce.  The CISA update states that essential critical infrastructure workers must keep working through.

“If you work in a critical infrastructure industry, as defined by the Department of Homeland Security, such as healthcare services and pharmaceutical and food supply, you have a special responsibility to maintain your normal work schedule.”

The memorandum on identification of essential critical infrastructure workers during covid-19 response provides “the following list of sectors and identified essential critical infrastructure workers are an initial recommended set and are intended to be overly inclusive reflecting the diversity of industries across the United States.”

  • Healthcare / public health
  • Law enforcement, public safety, first responders
  • Food and agriculture
  • Energy
  • Water and wastewater
  • Transportation and logistics
  • Public works
  • Other community-based government operations and essential functions
  • Critical manufacturing
  • Hazardous materials
  • Financial services
  • Chemical
  • Defense industrial base

The CISA update memo explicitly discusses  “IT and OT technology staff – for EMS (Energy Management Systems) and Supervisory Control and Data Acquisition (SCADA) systems, and utility data centers; Cybersecurity engineers; cybersecurity risk management” and other ICS/OT and cybersecurity related roles across different critical industries.

  • Workers performing cybersecurity functions at healthcare and public health facilities, who cannot practically work remotely
  • Workers responding to cyber incidents involving critical infrastructure, including medical facilities, SLTT governments and federal facilities, energy and utilities, and banks and financial institutions, and other critical infrastructure categories and personnel
  • Operational staff and technical support for SCADA Control systems

The Cybersecurity and Infrastructure Security Agency (CISA) has been monitoring the evolving Coronavirus, also known as COVID-19 situation closely, taking part in interagency and industry coordination calls, and working with critical infrastructure partners to prepare for possible disruptions to critical infrastructure that may stem from widespread illness, should the virus take hold in the U.S.

CISA continues to work closely with federal partners to prepare the nation for possible impacts of a COVID-19 outbreak in the U.S. This whole-of-nation effort is led by Health and Human Services through the Centers for Disease Control, with all other agencies, including CISA, in a support role.

The Cybersecurity and Infrastructure Security Agency (CISA) is the Nation’s risk advisor, working with partners to defend against today’s threats and collaborating to build more secure and resilient infrastructure for the future. CISA builds the national capacity to defend against cyber attacks and works with the federal government to provide cybersecurity tools, incident response services and assessment capabilities to safeguard the ‘.gov’ networks that support the essential operations of partner departments and agencies.

Bookmark – CISA Coronavirus (COVID-19) Alerts and Recommendations

What is Critical Infrastructure?

Critical infrastructure refers to vital physical and cyber systems and assets. It includes those facilities, systems, sites, information, people, networks and processes that are integral to a society. This infrastructure also includes those sites and organizations dealing with highly sensitive information and materials that could be used for nefarious purposes. See more 

John Evans
Customer Success Manager John has over 15 years’ experience in managing clients and helping them achieve their desired outcomes. John heads up our customer success and community management at IndustrialCyber, taking care of clients’ needs, inquiries and advertising.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Mandiant exposes APT44, Russia's Sandworm cyber sabotage unit, targeting global critical infrastructure
Mandiant exposes APT44, Russia’s Sandworm cyber sabotage unit, targeting global critical infrastructure
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
Industrial Cybersecurity Buyers’ Guide 2024 navigates complex industrial landscape
House Energy and Commerce Committee members seek answers from UnitedHealth on Change healthcare cyberattack
House Energy and Commerce Committee members seek answers from UnitedHealth on Change healthcare cyberattack
CISA announces Cyber Storm IX cybersecurity exercise to strengthen national cyber readiness
CISA announces Cyber Storm IX cybersecurity exercise to strengthen national cyber readiness
New NSA guidance identifies need to update AI systems to address changing risks, bolster security
New NSA guidance identifies need to update AI systems to address changing risks, bolster security
Claroty’s Team82 details cyber attack by Blackjack hackers on Moscow's emergency detection systems
Claroty’s Team82 details cyber attack by Blackjack hackers on Moscow’s emergency detection systems
Kaspersky ICS CERT reports on escalating consequences of cyber attacks on industrial organizations
Kaspersky ICS CERT reports on escalating consequences of cyber attacks on industrial organizations
Continuous need to face challenges, build strategies across industrial cybersecurity amidst evolving threats
Continuous need to face challenges, build strategies across industrial cybersecurity amidst evolving threats
Forescout discloses Connect:fun exploitation campaign targeting organizations using Fortinet's FortiClient EMS
Forescout discloses Connect:fun exploitation campaign targeting organizations using Fortinet’s FortiClient EMS
CISA issues Emergency Directive 24-02 in response to Russian cyber threat targeting Microsoft email accounts
CISA issues Emergency Directive 24-02 in response to Russian cyber threat targeting Microsoft email accounts