Critical Infrastructure

What Is Critical Infrastructure?

Critical infrastructure is any network, system, or asset the public sector deems essential to society. Critical infrastructure plays a pivotal role in safety, security, public health, and the economy. If critical infrastructure is destroyed or otherwise rendered non-functional, the result is typically significant and widespread disruption.

Some critical infrastructure also has the potential to cause catastrophic damage to its surroundings if operated incorrectly.  

Each nation has a slightly different classification system for critical infrastructure, though in most cases, assets are still divided by industry or sector. Countries also have different priorities where critical infrastructure is concerned, with some assets deemed more important than others. With that said, certain assets, such as water and power, are almost universally viewed as essential.

What Sectors Operate Critical Infrastructure?

Critical infrastructure may be found in any of the following industries:

  • Transportation
  • Manufacturing
  • Agriculture
  • Public Sector/Government
  • Healthcare
  • Pharmaceutical
  • Financial Services
  • Telecommunications
  • Emergency Services
  • Energy and Utilities
  • Waste Management

Examples of Critical Infrastructure

Examples of critical infrastructure include, but are not limited to:

  • Power Plants
  • Water Treatment Facilities
  • Roads and Bridges
  • Hazardous Materials
  • Hospitals
  • Postal Services
  • Internet Connectivity
  • Data Storage

The Three Elements of Critical Infrastructure

According to the United States Federal Emergency Management Agency (FEMA), the three elements of critical infrastructure are:

Physical: Tangible assets such as power lines or roads.

Cyber: Any electronic system that transmits, stores, or manages information. This category encompasses both software and hardware.

H: Individuals with critical knowledge, skills, or responsibilities and people who may be uniquely susceptible to attack.

How Critical Infrastructure Relates to Key Resources

Essential resources, as defined by the Cybersecurity & Infrastructure Security Agency (CISA), are assets that, though not critical infrastructure themselves, are nevertheless essential to government and societal operations. They may be publicly maintained or privately owned, manufactured or naturally occurring.

Critical Infrastructure vs. Public Infrastructure

Public infrastructure is a catch-all term for government-owned assets and facilities available for public use or broadly crucial to society. It may be divided into three categories:

Soft Infrastructure encompasses the institutions that help maintain a nation or region’s economy and social order, including hospitals, schools, and regulatory agencies.

Hard Infrastructure refers to physical systems that transport resources and convey information, such as roads and cell phone towers.

Critical Infrastructure is vital enough that interruption poses a severe risk to people’s well-being. Among other things, it may include electricity, water, food, shelter, and access to medicine.

Ultimately, these distinctions are mainly symbolic, as most governments class all three types of public infrastructure under the umbrella of critical infrastructure.

Threats Facing Critical Infrastructure

Critical infrastructure threats can be broadly divided into two categories: natural and man-made.

Natural threats may include natural disasters, fire, flooding, and severe weather.

Man-made threats could include physical theft, vandalism, malware, ransomware, data breaches, and other forms of cyberattack.

Why Critical Infrastructure Security Is Important

When critical infrastructure is brought down, the consequences go far beyond the public sector, typically causing severe disruption across multiple industries. In extreme cases, compromised critical infrastructure threatens the health and well-being of the people that rely on it, sometimes even resulting in loss of life. In recent years, there have been multiple examples of this in the US and internationally.

2021 Colonial Pipeline Attack: Threat actors with a suspected connection to the Russian government shut down the pipeline for nearly a week via ransomware. This resulted in widespread fuel shortages, bringing fuel prices to their highest since 2014.

2015 Attack on Ukraine’s Power Grid: Another attack with a suspected connection to state actors, this attack was the first of its kind and left more than 230,000 residents without electricity for more than six hours. It took several months for operations to return to normal.

Multiple US municipalities have been targeted with ransomware over the past several years, disrupting essential government services for weeks. The city of Oakland was among the most severe, as hackers followed up on the attack by publishing the personal data of current and past employees.

In short, the economic and social implications of an attack against critical infrastructure are immense, and the danger does not come only from state-sponsored threat actors. Even a cybercriminal with a shotgun approach to selecting targets or an automated worm could cause catastrophic damage. The public and private sectors must cooperate to secure and protect critical infrastructure.

Best Practices for Securing Critical Infrastructure

Audit and Assess

As with any security initiative, the first step in protecting critical infrastructure is a thorough audit of all connected systems and assets, followed by a comprehensive risk assessment. Cyber threat intelligence plays a crucial role in this pursuit, providing security teams with the necessary visibility to detect, identify, and mitigate potential attacks. Additionally, it’s essential to understand the overall threat landscape facing critical infrastructure, as well as the most common types of cyberattack.

Build a Culture of Cybersecurity

Cybersecurity is no longer a chiefly technological concern—it ceased to be years ago. Today, regardless of industry or vertical, security is everyone’s responsibility, and every department must do its part to keep assets, systems, and data safe. Fostering an organizational culture that emphasizes mindfulness, accountability, and cybersecurity awareness is essential.

Incorporate Zero Trust Network Access

Modern supply chains and workplaces are highly distributed, representing a considerable security risk. Zero Trust Network Access (ZTNA) emerged as a response to this. As a security framework, it improves network visibility, vulnerability management, and breach prevention. ZTNA also makes it more difficult for threat actors to gain access to a network through additional layers of verification.

Address Internal Skills Shortages

It’s no secret that qualified security professionals are in short supply. Likely as not, your organization is dealing with a skill shortage. This represents a risk you cannot afford—whether through internal training, new hires, or third-party expertise, you must bridge any existing skill gaps.

Conduct Regular Drills

It’s been said that no plan survives first contact with the enemy. Therefore, it’s not enough to have an incident response plan. Your organization must also run regular tests. In addition to keeping employees practiced and prepared for genuine emergencies, consistent testing also allows you to identify possible shortcomings in your approach.

Practice Basic Cyber Hygiene

As much as the media loves to focus on cyberespionage and dangerously skilled black hats, most cyberattacks are not particularly complicated or sophisticated. They target known vulnerabilities and security shortcomings. An organization can defeat most of these attempts with just a few basic measures.

  • Provide cybersecurity awareness training with a particular focus on preventing social engineering attacks such as spear phishing
  • Enforce multifactor authentication
  • Apply least-privilege access rules
  • Deploy a password manager to employees and enforce strong, complex passwords
  • Install security patches and updates as soon as they are released
  • Implement sandboxing or a similar measure for remote connections