Ways of reducing vulnerabilities and ensuring the protection of critical infrastructure
The critical infrastructure in the US continues to remain at a threatening or vulnerable position because emerging cybersecurity threats have been increasing at an exponential rate (Bendrath, 2001). The effect is on national information systems. National security is at a threatening stage because intrusion attempts have been rising as well. The need of the hour is to protect the economy, public and government services. Although the Federal Government has been working on increasing the capabilities so that operations can run smoothly, it is vital to consider other options. Therefore, the ways in which intrusion attempts can be controlled and vulnerabilities can be reduced shall be outlined briefly.
Listing the ways of reducing vulnerabilities
The nation’s critical infrastructure can be protected against cyber threats and vulnerabilities by following the below-mentioned remedies-
- Reducing human error- Devices are susceptible to easy exploitation, and it is essential to use passwords or usernames that have been not in use consistently. Vulnerabilities can be reduced by using less well-known passwords. Leaked credentials are one of the threatening issues.
- Conducting vulnerability testing- It makes sense of constantly testing the critical ICS devices along with other system architectures (Boin & McConnell, 2007). Testing would beat the cybercriminals. Testing would increase the efficiency of systems as well because gaps in the system can be easily analyzed. Thereafter, security solutions can be employed to close the gaps.
- The building of the critical system from basic level- It would be feasible to build a system that considers security from the basic level or at beginning stages. It would be disastrous to build security and then try to inject it. The costs of such an action would be high. The idea is to design a system specifically after understanding the security needs of the firm.
- Differentiating the real threats and probable threats- The critical infrastructure in the US are susceptible to various types of threats. It is vital to employ the services of threat intelligence agencies so that it can scan the internet and the dark web for real threats associated with the industry.
An outline of protection strategies and anticipation of future threats
One of the protective strategies that the government can employ is not to over-classify threat intelligence with all information and regarding critical industries operating in the US Awareness regarding emerging threats should be enhanced as well. Protection can be ensured only when a collective effort from experts of intelligence is given. Service providers, along with local municipalities, need to work together because pushing a single button is less likely to resolve cyber-security related threats (Givens & Busch, 2013). There is a need to predict future threats because sophisticated architecture can be secured only when attacks can be forecasted in advance. A risk assessment would be beneficial to anticipate threats. Defense strategies including intrusion detection systems, firewalls, access controls or antivirus software could be effective. Moreover, DBN or “Dynamic Bayesian Network, a statistical model can be used to estimate threat probabilities.