Global Critical Infrastructure
The assets, systems, networks, facilities and other elements the world relies upon, whether physical or cyber, that are so vital that their incapacity or destruction would have a debilitating impact on global security, economies, and public health and safety.
MOVING FROM A 'REACTIVE' TO A 'PROACTIVE' SECURITY STRATEGY
Requires Informed Defenders to Enable and Sustain Security Resilience
IDENTIFY - DETECT - PROTECT - RESPOND - RECOVER
The best "PROACTIVE DEFENSE" is the collective public- and private-sector identification, analysis and information sharing of globally trusted all-hazards "ACTIONABLE" intelligence and defense measures, supported by coordinated response.
COMMON OPERATIONAL PICTURE (CoP)
Real-Time Security Situational Awareness All-Hazards - Physical, Cyber and Cognitive (Malign Influence, Disinformation, Misinformation)
"TRUE" Common Operational Picture
To Sustain Security, Safety and Resilience
PHYSICAL SECURITY - The protection of people, property and physical assets from actions and events that could cause damage or loss.
PHYSICAL SECURITY RESILIENCE - An organization's ability to prevent, to the greatest degree possible, the loss of, theft of, or damage to assets (people, information, equipment, facilities, activities and operations) from threats and vulnerabilities.
Physical threats include any event such as pandemics, violent civil unrest, climate change, natural disasters, hurricanes, tornadoes, floods, volcanoes, earthquakes, criminal acts, terrorism, and weapons of mass destruction.
Maintaining a strong physical security resilience posture requires continual risk situational awareness and assessments of existing, new and changing threats.
- Asset Management - Identification and assessment of an asset's nature and value and the degree of impact if damaged or lost
- Threat Management - Identification of threats that are indications, circumstances or events with the potential to cause loss of, or damage to, an asset or capability, and perceived imminence of environmental, physical or criminal aggression
- Vulnerability Management - Identification of weaknesses, characteristics or circumstances that, if left unchanged, may result in being impacted by a natural event or exploited by an adversary, which may result in degradation, loss of life, or damage to mission-essential resources.
- Risk Management - Once assets, threats and vulnerabilities are identified, conducting a risk analysis to determine the impact of an unwanted event and the likelihood that it will happen.
- Countermeasure Management - Based upon calculated risks, countermeasures and security measures are defined to be employed to protect assets.
CYBERSECURITY encompasses the technologies, activities, processes, abilities, capabilities, resources and state whereby information, communications, and cyber-physical systems are protected against damage, unauthorized use, modification or exploitation.
An Attack . . . is an Attack . . . is an Attack - Threatening All Critical Infrastructure Sectors, Communities and Government - Cyber attacks may initially occur or originate in one sector, but can quickly cascade, impacting other sectors. While cyber defenders are focused on specific sectors, adversaries are focusing attacks on IP ranges and vulnerabilities 99% of the time. A cyber attack on any sector must include monitoring and analyzing threat impacts across all sectors to identify attacks that will (eventually) be made against others.
IACI Global Common Operational Picture (COP) - IACI's all-hazards global monitoring and reporting encompasses all critical infrastructure sectors, government, law enforcement and other communities.
CYBERSECURITY RESILIENCE - An organization's ability to continuously deliver critical services, operations and outcomes despite the occurrence of incidents or events via:
- Asset Management - Identification, documentation and management of critical assets during their lifecycle ensuring sustained critical services
- Control Management - Identification, analysis and management of controls enabling critical services operations
- Configuration & Change Management - Processes to ensure the assets' integrity, using change control and change control audits
- Threat & Vulnerability Management - Identification, detection, analysis, reduction and deterrence to ensure critical services integrity and availability
- Incident Response Management - Response, resiliency and recovery policies, processes and activities to identify and analyze events, detect incidents, and determine and activate response protocols
- Service Continuity Management - Ensuring the continuity of essential operations of services and associated assets if a disruption occurs
- Risk Management - Strategy, policy, standards and identification, analysis and mitigation of risks to critical assets that could adversely affect service operation and delivery
- Situational Awareness - Encompassing access to global public- and private-sector discovery and analysis of timely and actionable threat intelligence and defensive measures intelligence from trusted sources (common operational picture - COP) related to immediate operational and service stability and security
- External Dependencies Management - Processes to manage the appropriate level of controls to ensure sustainment and protection of services and assets dependent on the actions of external entities
- Best Practice Adoption, Training & Awareness - Development of skills and promoting awareness for people with roles that support critical services and operations
Society is experiencing widespread "Truth Decay" - Discussions of national and global importance are increasingly based on lies and ideology rather than facts and evidence. While disinformation and propaganda are not new, the use of social platforms is a game changer for malign influence. The volume of content aimed at exploiting cognitive biases and doing harm has never been greater and the speed at which such information spreads is unprecedented, with multi-scale malign influence campaigns targeting individuals, public and private organizations, critical infrastructure, governments and nation states.
Cognitive Security is a critical component of all-hazards security situational awareness, analysis and information sharing as disinformation, misinformation and malign influence continually impact all the security we make.
COGNITIVE SECURITY - The ability to detect, protect, respond, and recover from malign influence - coordinated, integrated and synchronized application of disinformation, misinformation or malinformation to undermine confidence, and foster attitudes, behaviors or outcomes.
- Disinformation - Verifiably false or misleading information created and disseminated with the intent to deceive.
- Misinformation - The unintentional or inadvertent distribution of false or misleading information.
- Malinformation - The intentional dissemination of information, real or fabricated, to embarrass, discredit or encourage violence against an individual or group.
COGNITIVE SECURITY RESILIENCE - An organization's ability to continuously deliver critical services, operations and outcomes by deterring the impacts of:
- Exploitation of individual, domestic and foreign cognitive biases at multiple scales
- Attempts to influence and manipulate human behavior to an incident or event by obscuring, fabricating or distorting the truth.