As the coronavirus (COVID-19) crisis continues to unfold, the US Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance on defining the Essential Critical Infrastructure Workforce. The CISA update states that essential critical infrastructure workers must keep working through.
“If you work in a critical infrastructure industry, as defined by the Department of Homeland Security, such as healthcare services and pharmaceutical and food supply, you have a special responsibility to maintain your normal work schedule.”
The memorandum on identification of essential critical infrastructure workers during covid-19 response provides “the following list of sectors and identified essential critical infrastructure workers are an initial recommended set and are intended to be overly inclusive reflecting the diversity of industries across the United States.”
- Healthcare / public health
- Law enforcement, public safety, first responders
- Food and agriculture
- Water and wastewater
- Transportation and logistics
- Public works
- Other community-based government operations and essential functions
- Critical manufacturing
- Hazardous materials
- Financial services
- Defense industrial base
The CISA update memo explicitly discusses “IT and OT technology staff – for EMS (Energy Management Systems) and Supervisory Control and Data Acquisition (SCADA) systems, and utility data centers; Cybersecurity engineers; cybersecurity risk management” and other ICS/OT and cybersecurity related roles across different critical industries.
- Workers performing cybersecurity functions at healthcare and public health facilities, who cannot practically work remotely
- Workers responding to cyber incidents involving critical infrastructure, including medical facilities, SLTT governments and federal facilities, energy and utilities, and banks and financial institutions, and other critical infrastructure categories and personnel
- Operational staff and technical support for SCADA Control systems
The Cybersecurity and Infrastructure Security Agency (CISA) has been monitoring the evolving Coronavirus, also known as COVID-19 situation closely, taking part in interagency and industry coordination calls, and working with critical infrastructure partners to prepare for possible disruptions to critical infrastructure that may stem from widespread illness, should the virus take hold in the U.S.
CISA continues to work closely with federal partners to prepare the nation for possible impacts of a COVID-19 outbreak in the U.S. This whole-of-nation effort is led by Health and Human Services through the Centers for Disease Control, with all other agencies, including CISA, in a support role.
The Cybersecurity and Infrastructure Security Agency (CISA) is the Nation’s risk advisor, working with partners to defend against today’s threats and collaborating to build more secure and resilient infrastructure for the future. CISA builds the national capacity to defend against cyber attacks and works with the federal government to provide cybersecurity tools, incident response services and assessment capabilities to safeguard the ‘.gov’ networks that support the essential operations of partner departments and agencies.
What is Critical Infrastructure?
Critical infrastructure refers to vital physical and cyber systems and assets. It includes those facilities, systems, sites, information, people, networks and processes that are integral to a society. This infrastructure also includes those sites and organizations dealing with highly sensitive information and materials that could be used for nefarious purposes. See more