November is Critical Infrastructure Security and Resilience Month, a time when the entire nation is encouraged to take steps to reinforce these systems and be vigilant to threats that undermine collective security and economic prosperity. CISA has released messages recognizing this month with their enduring theme Resolve to be Resilient asking everyone to prepare and invest in resilience today, so that as a nation we can recover quickly in the event of an incident tomorrow.

CISA highlights practices critical infrastructure organizations can implement to recover rapidly in the aftermath of any significant disruption:

Assess Your Risk. Organizations should identify their most critical functions and assets, define dependencies that enable the continuity of these functions, and consider the full range of threats that could undermine functional continuity.

Make a Plan and Exercise It. Organizations should perform dedicated resilience planning, determine the maximum downtime acceptable for customers, develop recovery plans to regain functional capabilities within the maximum downtime, and test those plans under real-life conditions to ensure the ability to operate through disruption.

Continuously Improve and Adapt. Organizations should be prepared to regularly adapt to changing conditions and threats. This starts with fostering a culture of continuous improvement, based on lessons learned from exercises and real-world incidents, and evolving cross-sector risks.

Visit CISA’s Critical Infrastructure and Resilience Month webpage for more information and resources.