According to this article in the Insurance Business America magazine, it’s the energy sector. This is no surprise, even without the statistics provided in the article; although the statistics are pretty staggering. The article states that according to DHS “more than 50% of investigated cyber incidents from October 2012 to May 2013 occurred within the energy sector”. The advice in the article is pretty sound and coincides well with what I’ve suggested many times in this blog… be prepared! Not only do power utilities need to have their own cybersecurity experts and the policies, plans, and infrastructure to prevent cyberattacks, they also need to be prepared for the potential success of the attackers. They need to know who to notify (and how), and what actions to take. Further, those that depend on electricity should have an alternate means of obtaining electricity to meet essential needs.
Threats to our infrastructure show just how interconnected we are and how interconnected our critical infrastructure is. This is the primary reason why our energy infrastructure, which touches every other sector, is so essential. We must ensure that we have in place prevention and protection plans, such as cybersecurity plans; hazard mitigation plans to lessen the impacts; response plans to address critical issues; and recovery plans to return to operations. Business continuity is also an essential component of this – even if you are an NGO or government entity (continuity of government).
Along with proper planning, training, and exercises, we need to continue to promote legislation which requires measures for cybersecurity and protection of our critical infrastructure.
What are your major critical infrastructure concerns?
© 2015 – Timothy Riecker
EMERGENCY PREPAREDNESS SOLUTIONS, LLC