Critical Infrastructure Security

November is Critical Infrastructure and Resilience Month

Biden visits Israel

President Joe Biden has declared November 2023 Critical Infrastructure and Resilience Month, a reflection of the nation’s determination to safeguard its vital systems from cyber attacks by foreign adversaries.

“This Critical Infrastructure Security and Resilience Month, let us recommit to reinforcing our critical infrastructure and remaining vigilant to threats that undermine our collective security and economic prosperity,” the proclamation reads.

The annual period “focuses on educating and engaging all levels of government, infrastructure owners and operators, and the American public about the vital role critical infrastructure plays in the nation’s well being and why it is important to strengthen critical infrastructure security and resilience,” the Cybersecurity and Infrastructure Security Agency (CISA) said in a statement.

CISA Offers Security Advice

CISA’s Dr. David Mussington, executive assistant director for Infrastructure Security, kicked off the effort in a video with advice for infrastructure owners and operators to safeguard their systems and networks by:

  • Assess Your Risk. Organizations should identify their most critical functions and assets, define dependencies that enable the continuity of these functions, and consider the full range of threats that could undermine functional continuity.
  • Make a Plan and Exercise It. Organizations should perform dedicated resilience planning, determine the maximum downtime acceptable for customers, develop recovery plans to regain functional capabilities within the maximum downtime, and test those plans under real-life conditions to ensure the ability to operate through disruption.
  • Continuously Improve and Adapt. Organizations should be prepared to regularly adapt to changing conditions and threats. This starts with fostering a culture of continuous improvement, based on lessons learned from exercises and real-world incidents, and evolving cross-sector risks.

Critical Infrastructure Security Emphasized

The resilience effort isn’t only focused on cybersecurity defenses. It also covers threats to critical infrastructure systems brought on by climate change.

“The safety and security of the nation depends on the ability of critical infrastructure to prepare for and adapt to changing conditions and to withstand and recover rapidly from disruptions," CISA said.

The President’s tone followed closely to last year’s proclamation in which he also focused on the “signs of wear and tear everyday Americans pay the prices for… when powerful storms and forest fires made more frequent and ferocious by climate change” can damage energy grids.

In this year’s briefing, Biden said that his administration knows that to protect our critical infrastructure we must improve our cybersecurity.

“When unsecure networks are hacked, critical services can go offline and businesses can suffer huge losses,” the White House said.

Biden pointed to his administration’s efforts to protect critical infrastructure at all levels of operation. “These priorities have been catalyzed by my National Cybersecurity Strategy released earlier this year, which lays out our strategy to enhance the cybersecurity and resilience of our Nation’s critical infrastructure and the American people.”

“This Critical Infrastructure Security and Resilience Month, let us come together in common cause to bolster our Nation’s critical infrastructure and create a more resilient Nation and economy for generations to come,” Biden said in the proclamation.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.