The Cybersecurity and Infrastructure Security Agency (CISA) has announced that November is Infrastructure Security Month 2022 and published new resources designed to help organizations build cybersecurity programs.
Agriculture is one of 16 critical infrastructure sectors “that provide the essential services that underpin American society.”
The assets and systems of critical infrastructure sectors are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety.
“Not only do we need to protect critical infrastructure facilities and people in and around those facilities from physical threats, but we also need to be aware of new cyber vulnerabilities that emerge as our critical infrastructure systems increasingly integrate information technology (IT) and operational technology (OT),” CISA noted.
CISA published an infrastructure security toolkit, highlighting the steps all organizations can take, including: National Grain and Feed Association 7 Return to contents November 11, 2022
• Strengthen your security plans by having a better understanding of the unique risks to your organization and systems.
• Exercise your preparedness plans on securing public gatherings and make sure they are up to date with the latest techniques and tactics.
• Focus on ways they can reduce risk and build resilience on both the physical and cyber fronts.
• Consider ways to embed resilience as a foundational design feature when upgrading or building new critical infrastructure.
Also this week, CISA, along with the National Security Agency and the Office of the Director of National Intelligence under the Enduring Security Framework, released “Securing the Software Supply Chain Recommended Practices Guide for Suppliers” and an accompanying fact sheet.
Meanwhile, the Federal Bureau of Investigation (FBI) and the Multi-State Information Sharing and Analysis Center released “Understanding and Responding to Distributed Denial-of-Service Attacks” to provide organizations with proactive steps to reduce the likelihood and impact of distributed denial-of service (DDoS) attacks.