You are here

Critical Security and Resilience Month, Week 1 – Managing Risk to a Converging Cyber and Physical World

Critical Security and Resilience Month, Week 1 – Managing Risk to a Converging Cyber and Physical World

Created: Tuesday, November 5, 2019 - 11:58
Federal & State Resources, Resilience, Security Preparedness

As noted in the October 31 Security and Resilience Update, November is Critical Infrastructure Security and Resilience Month, a time intended to highlight the vital role that critical infrastructure systems and places play in keeping the nation and its communities safe, secure, and prosperous. Each week of the month has its own theme, and the theme for this first week is “managing risk to a converging cyber and physical world,” a fitting transition from National Cybersecurity Awareness Month in October. Speaking on the subject recently, Assistant Director for Infrastructure Security Brian Harrell at the Cybersecurity and Infrastructure Agency (CISA) said, “Our way of life relies on a complex network of physical and cyber systems, all working together in harmony, to defend against critical infrastructure threats, both natural and man-made. Our job is to make sure we stay ahead of the threat curve and provide solutions.” CISA, a component of the U.S. Department of Homeland Security, will be supporting Critical Infrastructure Security and Resilience Month throughout November by sending out messages and making available resources for partners to use. Among the resources is the 2019 Infrastructure Security Month Toolkit, which discusses today’s threats and issues and presents approaches for promoting infrastructure security and resilience.

Other federal departments and agencies are taking the opportunity to emphasize the importance of critical infrastructure security and resilience and to make partners aware of resources that can assist with their efforts. U.S. EPA, for example, reminds utilities of the availability of some of its resources, including:

The Baseline Information on Malevolent Acts for Community Water Systems document is intended to help identify your utility’s risks to malevolent acts (e.g., cyber attacks and contamination).

Additionally, once you’ve identified possible malevolent threats to your water infrastructure, EPA recommends utilizing its Vulnerability Self-Assessment Tool (VSAT) Web 2.0 to assess risk and resilience to both malevolent acts and natural hazards and find cost-effective measures to reduce risk and increase resilience.

EPA also reminds utilities of upcoming events that will speak to security and resilience, including the Creating Resilient Water Utilities webinar on November 13, the Water Laboratory Alliance Region 4 Summit on November 13-14, and several in-person training events on the America’s Water Infrastructure Act (AWIA).