Hurricanes + Security Breach

Blog Date:  10/6/2017
Author:  Ray Coulombe
Category(s):  General Interest

In fact, the ASIS Crisis Management and Business Continuity Council helps promote crisis management, business continuity, and organizational resilience standards for best practices worldwide. They aim to be ASIS’s authoritative source for the most reliable crisis management and organizational resilience knowledge and support the objectives of ASIS International by providing access to superior quality crisis management and resiliency education. You can see more about how ASIS responded to the disaster here.

But is it only in times of natural disaster that we need to worry about security of our infrastructure?

In 2016, the U.S. Department of Justice indicted an Iranian national for repeatedly obtaining unauthorized access to the industrial control systems of the Bowman Dam in New York State. The attacker gained information regarding the status and operation of the dam, including the gate responsible for controlling water levels and flow rates. This access could have had led to potentially devastating effects, like a flood, but fortunately, the gate was disconnected for maintenance during the time of the attack.

But chances are slim that we will always be that lucky?

An attack on the nation’s water infrastructure, including 160,000 public drinking water systems and 16,000 public wastewater systems according to the Department of Homeland Security, is a distinct possibility. Water systems are becoming increasingly connected, creating opportunity for attackers to cripple or contaminate the system and cause major disruption. Let’s call this category “unnatural disasters”.

In response to this type of threat, the U.S. National Infrastructure Advisory Council was commissioned by the president’s National Security Council to review the federal government’s capability to secure critical infrastructure against cyberattack.

Overall, we need to find ways to better assist owners and operators of water facilities and dams to scan and sanitize their systems of any existing malware, encourage growth of cybersecurity expertise, heighten deterrence against criminal and nation-state hackers, enhance actionable information sharing, including of classified intelligence, and further assist even the smallest operations to make cyber improvements. This is all in addition to the lowest hanging fruit – educating employees to be cyber-aware. While technology can help protect against, and recover from, cyberattacks, there is no one magic technological solution and ultimately protecting the nation’s water system requires that both the government and the private sector step up their security efforts! It’s an ongoing process.


Resource Blogs

Most Recent Blogs Listed for Ray Coulombe.


Stay Safe! While Traveling This Summer

It’s summer vacation time! The last thing you need to worry about it is getting your identity stolen while you’re sitting on a beach somewhere exotic. In 2016, more than 15 million Americans were victims of identity theft, up 16 percent from the previous year, according to Experian. Plus, about 33 percent of that fraud took place when people were traveling. Here’s a few tips to staying safe all summer while traveling...
read more -->


Rethinking Cabling

Cat 5e became an ANSI/TIA/EIA standard in 2001, Cat 6 in 2002, and Cat 6a in 2008. However, it may be extremely useful to consider taking advantage of other existing cabling infrastructure in lieu of running new. Read more to learn how to approach cabling.
read more -->


Off the Beaten Path at ISC West

This year at ISC (the International Security Conference and Exposition), I was determined to try to see the latest iStechnologies hiding in the nooks and crannies—literally! I visited booths in the back, the basement, small kiosks hidden inside larger vendor books, and throughout the Emerging Technology Zone.

In case you missed the show, I’ll round up some of the best new technologies and companies to keep an eye on. Read more.
read more -->


Cyber Crime Taking Down Cities

Earlier this year, in March, the City of Atlanta’s nearly 8,000 employees heard words they never thought they would hear: “It’s okay to turn your computers on.” Their computers were powered off for five days. In those five days Atlanta residents could not pay traffic tickets, water bills, or report city issues. Read how ransomware impacted this metropolitan area.
read more -->


A Few Thoughts on K-12 School Security

There is no one size fits all when it comes to K-12 school security. Schools vary in so many ways: size, age, local environment, affluence, culture, governance, and more. Read some helpful tips and resources that might just help your school be better prepared.
read more -->