Colonial Pipeline incident - lessons to be learned
The cybersecurity incident affecting a major critical infrastructure, the Colonial Pipeline, drove home the point that, while our economies are migrating to a more digital world than ever, vulnerabilities and extreme consequences are a new area of concern.
Following the incident Homeland Security is issuing new regulations, Pipeline Problems Prompt New Regulations.
In Canada , the Critical Infrastructure sector, has been supported by Public Safety Canada in matters of Cybersecurity and that would include each CI sector, from Water to Transportation , to the power grid. The Canadian Centre for Cyber Security (CCIRC) is a great resource for guidance on cybersecurity for both CI, Commercial enterprises and individuals.
Does it mean that we are immune to the type of attack experienced by Colonial? not at all. As we go more digital and work from home we open up new avenues to adversaries in taking advantage of the widening field of vulnerabilities. The prevention part should be everyone's concern. Situational awareness combined with basic hygiene in handling emails and maintaining back ups are some of the most basic steps to reduce both the opportunity but also recover if we cant stop it.