Home Features Focus On Protecting Critical Infrastructure and Supply Chains

Focus On Protecting Critical Infrastructure and Supply Chains

Protecting the critical infrastructure supply chain in IT and OT systems will be a public and private sector priority in 2022.

SHARE
critical infrastructure, Unified approach to security, CISOs role, Predictions 2022, blockchain technologies, role of CISOs

In 2021, we saw many attacks on critical infrastructure and supply chains, and these attacks are likely to continue in 2022. I’ve identified this as one of the top trends for 2022.

By Chuck Brooks, President, Brooks Consulting

Critical Infrastructure (CI) and supply chain will be targeted more in 2022 (state-sponsored, cybercriminal gangs) with ransomware and malware attacks. CI is a high-profile target for both geopolitical and economic considerations for hackers. This critical infrastructure includes defense, oil and gas, electric power grids, health care, utilities, communications, transportation, education, banking, and finance. Protecting critical infrastructure Industrial Control Systems (ICS), Operational Technology (OT), and IT systems from cybersecurity threats is a difficult endeavor. They all have unique operational frameworks, access points, and a variety of legacy systems and emerging technologies. Protecting the critical infrastructure supply chain in IT and OT systems will be a public and private sector priority. A special concern for the supply chain is third-party risk and their partners’ visibility in the chain. Investment and risk strategies will expand in conducting vulnerability assessments and filling operational gaps with cybersecurity tools. Tools include Data Loss Prevention (DLP), encryption, identity and access management solutions, log management, and SIEM platforms. 

Despite efforts to attract workers to security and tech jobs, the qualified cybersecurity worker shortage will continue to pose major operational challenges. The public and private sectors are currently facing challenges from a cybersecurity talent shortage. A report from the firm Cybersecurity Ventures estimates there are 3.5 million unfilled cybersecurity jobs in 2021. And 2022 is not showing any signs of improvement in hiring.  

The Internet of Things (IoT) will pose a growing cybersecurity risk. IoT’s exponential connectivity is an ever-expanding mesh of networks and devices. IoT incorporates physical objects communicating with each other, including machine-to-machine and machine-to-people. It encompasses everything from edge computing devices to home appliances, from wearable technology to cars. IoT represents the melding of the physical world and the digital world.  They differ from conventional computers as they are highly specialized and usually small, both in physical size and computing capacity. A cybersecurity challenge of IoT is the lack of visibility and the lack of ability to determine if a device has been compromised and not performing as intended. The increased integration of endpoints combined with a rapidly growing and poorly controlled attack surface poses a significant threat to the Internet of Things. Protecting such an enormous attack surface is no easy task, especially when there are so many varying types and security standards on the devices. It will only worsen in 2022 as connectivity grows.


About the Author

Chuck_BrooksChuck Brooks is the President of Brooks Consulting International and Adjunct Faculty at Georgetown University.He is a Technology Evangelist, Corporate Executive, Speaker, Writer, and a Government Relations, Business Development, and Marketing Executive. With over 74,000 followers on LinkedIn, 16,000 followers on Twitter, and 5,000 followers on Facebook, Chuck has built a sizeable community on social media, where he regularly shares the latest happenings and updates from the cybersecurity industry. He was named The Top 5 Tech People to Follow on LinkedIn. He’s among the world’s 10 Best Cyber Security and Technology Experts, by Best Rated; in the Top 50 Global Influencer in Risk, Compliance, by Thomson Reuters; the Best of The Word in Security, by CISO Platform, and IFSEC’s #2 Global Cybersecurity Influencer. Chuck was featured in the 2020 and 2021 Onalytica Who’s Who in Cybersecurity as one of the top Influencers for cybersecurity issues and risk management. He was also named one of the Top 5 Executives to Follow on Cybersecurity by Executive Mosaic; the Top Leader in Cybersecurity and Emerging Technologies by Thinkers360, and Top Global Top 50 Marketer by Oncon in 2019. Chuck has an MA in International Relations from the University of Chicago, a BA in Political Science from DePauw University, and a Certificate in International Law from The Hague Academy of International Law.