In Dept. of Homeland Security’s Brian Harrell’s interview in November’s PUF, he talked about what we can all do for our industry’s cybersecurity:
“Number one, invest in resilience. A lot of our budgets reflect the here and now, but we need to understand that at some point something bad is going to happen.
Second, remove single points of failure and add redundancy to your systems so when that bad things happens, we have the ability to come back to normal as quickly as possible and restore critical services. Let’s not have that single point of failure that if we were to lose that particular five hundred-kilovolt substation, that it would be detrimental to the system.
Understand collective defense. That means we are all in this together. The federal government, private industry, and the American citizen are in this together. We need to change the culture when it comes to security, very similar to what we did back in the ’80s and ’90s surrounding safety. Today within industry there is a strong safety culture. We need that same culture mentality surrounding security.
Last, I want to start the conversation about how we secure tomorrow. When we’re looking at infrastructure security for the years 2045 and 2050, where everything is interconnected, where new threats may have emerged and materialized – we need to put some thought and attention on what’s coming next.
Our budgets need to reflect that, and that’s why resilience is so important. We need to start to think and realize that today’s threats may not necessarily be tomorrow’s threats and we need to start doing a better job of anticipating.”