What Critical Infrastructure Organizations Must Do Now To Avoid 'The Big Shutdown'
Retired U.S. General Gregory Touhill (Director of the Software Engineering Institute’s CERT Division) and former Rockwell Automation CISO Dawn Cappelli sat down for an interview with ISMG’s Tom Field, SVP of Editorial, to discuss the 2022 Rockwell Automation research report on cybersecurity preparedness in Critical Infrastructure.
These industrial cybersecurity experts reviewed common gaps contributing to largely preventable breaches and a rising threat of broad, widespread Critical Infrastructure shutdowns, like those impacting Colonial Pipeline, JBS meat supplier and the Oldsmar, Florida water treatment facility. This discussion examines:
- How a perfect storm is brewing, composed of rising OT attacks, mass disruptions, geopolitical tensions, under-budgeted security programs, common security gaps, and enticing financial gains for ransomware criminals
- Steps industrial organizations can take to quickly shore up cybersecurity preparedness, include supply chain risk assessments, asset inventorying, continuous threat monitoring, and a written incident response plan
- How to use the NIST cybersecurity framework as the basis of a reliable, ongoing cybersecurity plan; identifying and prioritizing business-critical systems to enable Zero Trust strategies; and developing a cybersecurity plan suitable for a US grant application with a free guide from Rockwell Automation.