America’s national security and economic prosperity depend on critical infrastructure that is increasingly at risk from a variety of hazards, including attacks via the Internet. Critical infrastructure includes the broadband networks beneath us and the wireless signals around us, the utility plants that pump water into our homes, and the massive grids that power our Nation.
The security and resilience of these assets, systems, networks, and functions—whether physical or cyber—requires partnership layered approach that involves individuals and communities, businesses and non-profits, schools and universities, and governments at all levels, as well as a clear understanding of the risks we face. The government’s role in this effort is to share threat and mitigation information, create incentives for businesses to enhance their cybersecurity and resilience to attack, identify areas where improvements need to occur, and raise awareness about cybersecurity and critical infrastructure protection issues.
To help address this challenge, President Obama issued Executive Order 13636, Improving Critical Infrastructure Cybersecurity, and Presidential Policy Directive 21, Critical Infrastructure Security and Resilience. Under the Executive Order, the National Institute of Standards and Technology (NIST) developed a Cybersecurity Framework for the protection of critical infrastructure. The Framework uses expert input to set out voluntary standards and industry best practices to address cyber risks to critical infrastructures.
Emerging cyber threats require engagement from our entire society—from government and law enforcement to the private sector and, most importantly, members of the public. Cybersecurity is a shared responsibility.
To wrap up National Cyber Security Awareness Month, DHS will participate in an event, hosted by Bloomberg Government, which will focus on the tie between cybersecurity, critical infrastructure, and the financial industry. Join DHS, Bloomberg government, and other high-level senior government security officials on October 30th for the “Cybersecurity: Costs and Solutions" conference. View event details and register here.