The Blueprint for a Secure Cyber Future calls for a coordinated effort across the homeland security community to protect US critical information infrastructure and build a safer and more secure cyber ecosystem.
The report lists four goals for protecting critical information infrastructure: reduce exposure to cyber risk, ensure priority response and recovery, maintain shared situational awareness, and increase resilience. It also lists four goals for strengthening the cyber ecosystem: empower individuals and organizations to operate securely; use more trustworthy cyber protocols, products, services, configurations, and architectures; build collaborative communities; and establish transparent processes.
Specific actions advocated by DHS range from hardening critical networks and prosecuting cybercrime to raising public awareness and training a national cybersecurity workforce.
DHS will conduct an annual assessment of US performance in achieving these goals. “This approach will highlight where progress is being made and will identify gaps and resource requirements”, the report said.
Separately, the department’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) is warning that internet scanners are able to detect ICS that are accessible from the internet.
“The use of readily available and generally free search tools significantly reduces time and resources required to identify Internet facing control systems. In turn, hackers can use these tools to easily identify exposed control systems, posing an increased risk of attack”, ICS-CERT warned in a bulletin.