In an age where the digital heartbeat of our society faces constant threats, the Cybersecurity and Infrastructure Security Agency (CISA) is taking a formidable stance to safeguard critical infrastructure. The mission is clear: become the managed services provider for entities vital to our daily lives, such as energy, water, education, healthcare, and communications, which have increasingly become prey to cybercriminals.
The Urgency of Defense: A Soaring Increase in Cyber Attacks
The urgency of this endeavor is underscored by a stark reality — a 140% year-over-year increase in attacks on operational technology entities in 2022 alone. Remember the headlines about Colonial Pipeline and JBS Foods in 2021? Those were wake-up calls, highlighting the imperative of fortifying our critical infrastructure against cyber threats.
CISA’s Strategic Move: Piloting a Cybersecurity Revolution
CISA’s strategic move, fueled by new authority granted by Congress, involves piloting a program that extends proven cybersecurity services to commercial critical infrastructure entities voluntarily. The idea is to provide these organizations access to shared services, support, and security expertise that federal civilian counterparts have successfully utilized for years.
The Pragmatic Approach: Cost-Effective Solutions for a Safer Future
Eric Goldstein, the executive assistant director for cybersecurity at CISA, emphasizes the practicality and cost-effectiveness of this approach. Scaling cybersecurity services to the segments of critical infrastructure that need it most is not just a strategic move; it’s a pragmatic one. It allows CISA to gain deeper insights into evolving threat landscapes, establish a common baseline of cyber protection, and, most crucially, reduce the frequency and impact of damaging cyber events.
A Targeted Defense: The “Target-Rich, Resource-Poor” Strategy
A key aspect of CISA’s plan involves adopting a “target-rich, resource-poor” strategy. This means focusing on entities in the healthcare, water, and K-12 education sectors in the initial phase. These sectors, often lacking the financial resources for comprehensive cybersecurity, are prioritized to receive much-needed support.
The First Line of Defense: CISA’s DNS Resolver
As part of the pilot program, CISA has deployed its Protect Domain Name System (DNS) Resolver. This service, previously exclusive to federal civilian agencies, acts as a first line of defense against cyber threats. By utilizing threat intelligence from the U.S. government and commercial organizations, the DNS Resolver prevents systems from connecting to domains known or suspected of being malicious.
Tangible Impact: Over 700 Million Attempts Thwarted
Since its deployment in October, the service has blocked almost 700 million attempts by federal agencies to connect to malicious domains. This not only reduces the risk of ransomware, phishing campaigns, and malicious redirects but also showcases the practical impact of CISA’s efforts in safeguarding our digital infrastructure.
Looking Ahead: CISA’s Contribution to Cyber Resilience
The pilot program is a significant step in CISA’s broader mission to protect critical infrastructure, acknowledging the potential disruptions and, in the worst cases, the loss of human life that could result from cyber attacks. By delivering much-needed cybersecurity services to organizations that may struggle to afford them, CISA is actively contributing to the resilience of our digital backbone.
As we navigate the complex landscape of cybersecurity, CISA’s initiative stands as a beacon of hope, demonstrating that a strategic and collaborative approach can fortify our critical infrastructure against the evolving threats in our cyberspace.