We’ve all heard it, there is no silver bullet for cybersecurity, but one practical path toward greater cyber resilience and a more secure cyber ecosystem for everyone might be Secure by Design, Secure by Default, and Secure by Demand.
While each utility is responsible for its own cybersecurity, we aren’t all experts. It’s impractical for asset owners and operators to understand everything there is to know about the devices and software used to build our infrastructure – all the features, functions, secure configurations, vulnerabilities, etc. – especially for smaller or less resourced utilities. However, there is a way forward and we all have a role to play. We must work with manufacturers, suppliers, and integrators to demand secure-by-design products and secure-by-default configurations for the systems we use.
As CISA suggests, the balance of cybersecurity risk should be shifted. Ultimately, asset owners cannot be absolved from cybersecurity risk, but it’s not fair to put the total cost on customers for securing products they use or for manufacturers to charge more to deliver a secure product.
Join us on October 23, 2024, at 2:00 PM, when presenters from CISA’s Secure by Design initiative will discuss the role we all have in creating a more cyber secure future and practical steps for asset owners to demand security when in product, software, and service procurement discussions.
WaterISAC members only.
Register any time. No need to cancel if you can’t attend.