Cyber and physical systems are increasingly interconnected. The prevalence of those connections is at the very core of the mission of the Cybersecurity and Critical Infrastructure Security Agency (CISA), which leads the national effort to protect both cybersecurity and physical infrastructure. CISA leaders describe it as a Venn diagram – where the merged area of cyber and physical systems only continues to grow.
“If we look back 10-15-20 years ago, our cyber systems and our physical systems were somewhat separate, and that overlap in the Venn Diagram was somewhat minimal,” said Nitin Natarajan, deputy director, CISA. “As we look at where we are today, and where we will be in the next three years, five years, ten years – I think that Venn diagram is going to continue to overlap even more.”
Some of the biggest threats to infrastructure today – from power grids to oil and gas pipelines – comes through cybersecurity attacks. With the Internet of Things creating increasingly interconnected networks of systems that include physical and cyber assets, it’s no longer as simple as dividing tasks between the kinetic and cyber.
Jermaine Roebuck, deputy associate director, CISA, describes how when he first started working for the Department of Homeland Security, tasks were typically divided between Federal Civilian Executive Branch Departments and Agencies, and another organization dealing with critical infrastructure.
“Over the years we’ve basically merged both organizations,” said Roebuck. “I view it as a partnership. The only way we’re going to be successful in cyberspace, and in the defense of critical infrastructure is if we partner with those organizations.”
CISA works to develop holistic security strategies, helping both the government and private sector consider how to apply good security hygiene across both physical and cyber realms.
“It really is looking at that interdependency, at looking at that crossover – the Venn diagram – where we can’t treat them as separate entities,” said Natarajan. He noted their teams work collaboratively. And as more people and organizations see how cyber and infrastructure protection affect them directly, they’re also more willing to work with others in different areas, and learn from individuals outside of their team or sector.
Automation, AI, interconnected systems – they’re blurred lines that tend to highlight vulnerabilities.
“I think we’re definitely up to the task, but it’s going to be fun task as we look to the next five to ten years,” said Natarajan.
Help Defend Today, Secure Tomorrow.
SPONSORED CONTENT: This article is written on or behalf of our Sponsor.