What Is Critical Infrastructure Protection (CIP)?
Critical Infrastructure Protection (CIP) Meaning
Critical infrastructure protection (CIP) is the process of securing the infrastructure of organizations in critical industries. It ensures that the critical infrastructures of organizations in industries like agriculture, energy, food, and transportation receive protection against cyber threats, natural disasters, and terrorist threats.
CIP typically involves securing critical infrastructures such as supervisory control and data acquisition (SCADA) systems and networks, as well as industrial control systems (ICS) and operational technology (OT). Popular CIP solutions from Fortinet include SCADA for securing critical infrastructure and OT for critical infrastructure protection.
History of Critical Infrastructure Protection (CIP)
The history of CIP began when President Bill Clinton issued the PDD-63 presidential directive in May 1998. The directive documented parts of the national infrastructure that were considered to be critical to the United States’ national and economic security. It also outlined how to protect critical infrastructure, including the steps to achieve that.
The directive pointed to 16 sectors that the U.S. government identified as critical to its national infrastructure. Each sector was then assigned a government agency and department responsible for putting together a CIP plan to protect it.
These 16 individual plans were then compiled into one comprehensive, overarching plan, which was referred to as the National Infrastructure Assurance Plan. In addition, in 2006, the government formulated the National Infrastructure Protection Plan (NIPP), which details how government agencies and the private sector should work together
Critical Infrastructure Sectors That Require CIP
The 16 major sectors considered critical to national infrastructure were:
- Chemical
- Commercial facilities
- Communications
- Critical manufacturing
- Dams
- Defense industrial base
- Emergency services
- Energy
- Financial services
- Food and agriculture
- Government facilities
- Healthcare and public health
- Information technology
- Nuclear reactors, materials, and waste
- Transportation systems
- Water and wastewater systems
These sectors have recently been joined by election systems, which were designated as critical infrastructure by the U.S. Department of Homeland Security (DHS).
Why Is CIP Important?
Securing critical infrastructure is vital to ensuring the American people have access to services like drinking water, electricity, and food. It is also crucial to protecting high-value industries from cyberattacks, such as the chemical, communications, emergency services, healthcare, information technology, and transportation sectors.
If hackers breached the critical infrastructure of the sectors listed above, the consequences for organizations could be devastating. A breach could also pose a serious threat to global economies and communities. Therefore, successfully protecting critical infrastructure requires government agencies to establish strong partnerships with commercial parties and use appropriate solutions to implement and manage the initiatives.
Protecting critical infrastructure also relies on recognizing the risks that could threaten its integrity. This includes attack vectors and network security, as well as issues like equipment failure, the risk of human error, and natural disasters such as weather activity. These risks must be factored into any decision around solutions that enable organizations to detect and identify security attacks and network behavior anomalies.

Top 10 CIP Technologies for Enterprises
Many of the critical infrastructure protection examples discussed above use the following enterprise technologies:
- Deep CDR: Content disarm and reconstruction (CDR) disassembles a file into its constituent parts and eliminates any potential threats.
- Proactive DLP: Data loss prevention technology (DLP) protects sensitive information via metadata removal, automatic document redaction, or watermark addition rather than blocking files.
- Multiscanning: Multiscanning technology makes anti-malware solutions resilient and significantly enhances malware detection rates and outbreak detection times.
- File-based vulnerability: This technology searches for flaws in files and applications before they are installed, so IT teams can fix any vulnerabilities.
- Threat intelligence: To avoid malware outbreaks or stop them, threat intelligence analyzes malicious patterns, making it easier to identify threats.
- Sandbox: Sandboxes run untested code and third-party software in an environment that has no access to the company's network. They can also be used to contain threats in a safe, insulated environment, enabling you to observe how they behave.
- Endpoint compliance: This enables enterprises to identify, evaluate, and correct applications that do not adhere to established operational and security regulations.
- Endpoint vulnerability assessment: This ensures that all programs are running with the most recent versions, strengthening endpoint security. Automatic patching can quickly fix vulnerabilities after they have been found.
- Malware detection on endpoints: This evaluates an endpoint for any suspicious activity by checking the libraries and processes that are running.
- Endpoint application removal: This enables the removal of security solutions, including antivirus software and firewalls, that are not appropriate or approved for the work environment. It can remove potentially unwanted applications (PUA) as well.
How Do We Protect and Manage Risks to Critical Infrastructure?
The responsibility for protecting critical infrastructures lies with the Cybersecurity and Infrastructure Security Agency (CISA), a DHS agency that Congress created in November 2018. The agency leads the coordinated national effort to protect critical infrastructure, with three key aims:
Managing the Risk Faced by Critical Infrastructure
Critical infrastructure risk is managed by the National Risk Management Center (NRMC), which is an entity within CISA. NRMC aims to identify and address the biggest risks that the U.S.’s critical infrastructure faces through analysis, planning, and collaboration. It does this by identifying and prioritizing the most significant risks that critical infrastructure faces and taking actions that will mitigate the risks.
Enhancing the Security of Critical Infrastructure
Improving security is fundamental to protecting critical infrastructure. This includes enhancing physical security, such as ensuring doors are locked and placing effective fences to protect buildings. It also includes deploying effective cybersecurity solutions to protect organizations’ networks, systems, and users, as well as identifying and addressing their virtual vulnerabilities. Organizations also must practice good cyber hygiene by preventing the use of weak passwords, patching vulnerabilities, and avoiding phishing scams and malware attacks.
However, critical infrastructures present significant cybersecurity challenges. For example, ICS cannot be scanned for vulnerabilities in the same way as virtual IT environments because doing so can take the industrial system offline, which could bring down a plant’s operations. Additionally, many OT systems predate the internet and ran in "air-gapped" environments, which lowered their risk of cyberattacks. But with the world becoming increasingly connected, these systems are becoming more exposed to hackers’ exploits.
Enhancing the Resilience of Critical Infrastructure
Critical infrastructure needs to be resilient to changing conditions and able to withstand and recover from disruption. This means being strong against physical and cyber threats, which requires a comprehensive cybersecurity defense program.
The National Institute of Standards and Technology (NIST) assists organizations in this. It enables them to develop and implement effective protection for their critical infrastructure. DHS also provides the Cyber Resilience Review (CRR), which is a free resource that offers insight into organizations’ cyber resilience status. The CRR also includes a NIST framework crosswalk, which enables organizations to align their processes with the NIST program.
How Fortinet Can Help
Fortinet enables organizations to protect their critical infrastructure with its OT security. This is a proactive approach, and the OT launch by Fortinet enables multiple technologies to work together over IT and OT environments, rather than operate in silos. Organizations get fast, automated responses to security attacks, full visibility of their infrastructure, the ability to plug OT security gaps, and simplified management.
Fortinet also offers security solutions for SCADA systems and ICS, which remove critical systems’ exposure to the expanding threat landscape. Fortinet enables organizations to design the security of their complex infrastructure in an efficient, non-disruptive manner that ensures their OT environments are compliant and protected.
Furthermore, Fortinet provides next-generation firewalls (NGFWs) that safeguard organizations’ networks from known and evolving security threats. NGFWs filter network traffic to protect against internal and external threats. They also offer advanced content inspection that identifies cyberattacks and discovers and blocks malware.
FAQs
What is Critical Infrastructure Protection (CIP)?
Critical infrastructure protection (CIP) is the process of securing the infrastructure of organizations in critical industries.
Why is critical infrastructure protection important?
Securing critical infrastructure is vital to ensuring the American people have access to services like drinking water, electricity, and food. It is also crucial to protecting high-value industries from cyberattacks, such as the chemical, communications, emergency services, healthcare, information technology, and transportation sectors.