Increasing Vulnerability of Critical Infrastructure

Dr. Jayshree Pandya, Founder of Cyber-Security and Strategic Security Risk Research Centers @ Risk Group discusses " Increasing Vulnerability of Critical Infrastructure” with Ernest Wohnig, a Senior Global Cyber-Security Advisor @ AES Corporation, helping shape the much-needed dialogue on Critical Infrastructure and Industrial Control Systems. Prior to AES, Ernest was an Airforce Intelligence Officer and decorated with National Intelligence Council medallion.   Introduction The assets identified as critical infrastructure in cyberspace, geospace and space (CGS) are vital for the survival, success and sustainability of respective nations’ as they contribute to its very progress and development. These systems and assets, whether physical, digital, financial or virtual, are so vital to the nation that the incapacity or destruction of such systems or assets would have a debilitating impact on not only the physical or geopolitical security, but also the economic security, public health or safety, or any combination of those matters. These infrastructures must maintain their optimal conditions under all circumstances. Safeguarding the critical infrastructures in cyberspace, geospace and space—needs to be the utmost priority for each and every nation: its government, industries, organizations, academia and individuals (NGIOA-I). The well-being of this planet, human species, regions, nations and industries relies upon the safety, security and sustainability of the critical infrastructure—those assets, systems, and networks in cyberspace, geospace and space (CGS) that underpin the very fundamentals of a sustainable society.   So what is a Critical Infrastructure? According to the industry, critical infrastructure (CI) is used by governments as a term to describe infrastructures, systems and assets that are essential for the progress and development of society-- an incapacity or destruction of whose would have a debilitating impact on security at all levels. It is important to evaluate and understand why some infrastructure in CGS get classified as a global or national concern. In addition, it is important to understand why defining the critical infrastructure is an independent process for each nation. The infrastructure that is important to any particular nations’ survival has been in existence for a long time. However, its security risks have come in question over only last few years. Why have these infrastructures suddenly become so vulnerable for its security? While criticality of an infrastructure depends on a nation, and its interdependencies both within and across its boundaries, it is the complex interdependencies that defines if one of the infrastructures will be attacked, other will also likely be affected. What are the most critical threats to critical infrastructure in CGS? What are the common vulnerabilities of critical infrastructure? How are critical infrastructures controlled currently? What constitutes an attack on critical Infrastructure? How can nations secure its critical Infrastructure and ensure its continuity? The critical infrastructure in cyberspace--infrastructure and information that is perceived as an essential part of national security in most countries today-- is commonly understood to be an infrastructure or asset in the cyberspace, the incapacitation or destruction of which would have a debilitating impact on geospace and space—and the national security and the economic and social welfare of a nation. So the key questions are: Who is responsible for the security of the critical infrastructure in cyberspace? How do we protect the critical infrastructure in cyberspace, geospace and space? What should be the structure of the organization responsible for managing the security risks of critical infrastructure in cyberspace-geospace and space? How do individual nations define the national strategy for the protection of their critical infrastructure in CGS?...