The Tip of the Week: Private Sector Beware!
By Dr. Tom Phelan
Thursday, October 30, 2013, 8:07 a.m. EDT – This morning I received an e-mail from email@example.com titled FEMA Private Sector Resilience Tip of the Week. I usually scan these, but today, attempted to follow the enticing title through the thread provided in the e-mail.
FEMA Private Sector Resilience Tip 10/28/13: Prevent cyber threats from impacting your business systems network. http://go.usa.gov/WrPP.
I clicked on the link which led me to http://www.dhs.gov/protecting-our-nationâ€™s-critical-infrastructure-cyber-threats. The first four paragraphs narrowed the “Tip” to a discussion of cyber threats to only a certain few forms of critical infrastructure – “…the broadband networks beneath us and the wireless signals around us, the utility plants that pump water into our homes, and the massive grids that power our Nation.” My home has a well, so no need for a plant to pump in the water, but electric power is required for it to provide water. It still seems a bit confusing how cyber threats might impact bridges, tunnels, and road ways, but I continued in my journey down the “Rabbit Hole.” Low and behold, the concluding paragraph stated,
Emerging cyber threats require engagement from our entire society—from government and law enforcement to the private sector and, most importantly, members of the public. Cybersecurity is a shared responsibility.
The path continued through a link in this sentence, “To help address this challenge, President Obama issued Executive Order 13636, Improving Critical Infrastructure Cybersecurity, and Presidential Policy Directive 21, Critical Infrastructure Security and Resilience.”
I continued my pursuit of the “Tip.” The link led to “Strengthening the Security and Resilience of the Nation’s Critical Infrastructure,” at http://www.dhs.gov/strengthening-security-and-resilience-nationâ€™s-critical-infrastructure . In the first sentence on this page, I was offered two new links, Executive Order (EO) 13,636, “Improving Critical Infrastructure Cybersecurity,” and Presidential Policy Directive (PPD)-21, “Critical Infrastructure Security and Resilience.” Not to be caught half way down the Rabbit Hole, I clicked on the link to Executive Order (EO) 13, 636, and found myself on http://www.whitehouse.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity. This is a seven page document. I also clicked on Presidential Policy Directive (PPD)-21, “Critical Infrastructure Security and Resilience. Here I found still another description of critical infrastructure.
The Nation's critical infrastructure is diverse and complex. It includes distributed networks, varied organizational structures and operating models (including multinational ownership), interdependent functions and systems in both the physical space and cyberspace, and governance constructs that involve multi-level authorities, responsibilities, and regulations. Critical infrastructure owners and operators are uniquely positioned to manage risks to their individual operations and assets, and to determine effective strategies to make them more secure and resilient.
It was here I chose to stop searching for the “Tip.” If you would like to go further, the following links were provided:
For more information about the EO on Cybersecurity and PPD-21 on Critical Infrastructure, please visit:
- Summary Report: Executive Order 13636 Cybersecurity Incentives Study
- Analytic Report: Executive Order 13636 Cybersecurity Incentives Study
- Blog: Working Together to Strengthen the Nation’s Critical Infrastructure, by Bruce McConnell, Acting Deputy Under Secretary for Cybersecurity
- Fact Sheet: Executive Order (EO) 13636 Improving Critical Infrastructure Cybersecurity and Presidential Policy Directive (PPD)-21 Critical Infrastructure Security and Resilience
- Fact Sheet: Integrated Task Force
- Press Release: DHS Highlights Efforts to Strengthen Cybersecurity for the Nations Critical Infrastructure
- Enhanced Cybersecurity Services
- DHS’s efforts in cybersecurity
- DHS’s efforts in critical infrastructure security
To gain the “private sector tip of the week,” be sure to start early so you’ll be ready for next week’s “Resilience Tip of the Week.”