{"id":5263,"date":"2024-09-11T20:54:48","date_gmt":"2024-09-12T01:54:48","guid":{"rendered":"https:\/\/www.darkreading.com\/cybersecurity-operations\/undisruptable27-project-seeks-to-shore-up-local-critical-infrastructure"},"modified":"2024-09-11T20:54:48","modified_gmt":"2024-09-12T01:54:48","slug":"undisruptable27-project-wants-to-shore-up-critical-infrastructure-security","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/09\/11\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security\/","title":{"rendered":"UnDisruptable27 Project Wants to Shore Up Critical Infrastructure Security"},"content":{"rendered":"
<\/a><\/div>\n
<\/div>\n

What would a worst-case scenario look like for your town? The power grid going out, leaving your community without electricity for days on end? Or a disruption to the local water supply? Or a cyberattack on the emergency medical response system and medical facilities, leaving people stranded, without access to care during life-threatening situations? <\/span><\/p>\n

These are the kinds of scenarios that <\/span>UnDisruptable27<\/a><\/span> seeks to prepare for\u2013cyberattacks against critical infrastructure in local communities across the United States\u2013focusing on four principal areas: water and wastewater; emergency medical care and hospital services; food supply chains; and local power supplies. <\/span><\/p>\n

The program is led by the Institute for Security and Technology, a nonprofit think tank that seeks to connect the technology world and the public sector, and kicked off this summer with a pilot program, funded by a $700,000 grant from Craig Newmark Philanthropies as part of the organization\u2019s Cyber Civil Defense initiative. The initial phase will focus on the nexus of water and emergency medical care. The project is spearheaded by Josh Corman, Executive in Residence at <\/span>IST<\/a><\/span> and co-founder of <\/span>I am The Cavalry<\/a><\/span> and CyberMedSummit. <\/span><\/p>\n

“Whether it\u2019s food or shelter or warmth, everyone relies on infrastructure to live. Bad actors know that, too. This isn\u2019t alarmism. It\u2019s a very real threat our country faces today. It\u2019s all our job to push governments and utilities and companies to be better on this stuff. That means extra work for maybe understaffed IT, and they can get very annoyed with me, okay if it helps prepare for the worst,” Craig Newmark says. “In the meantime, I\u2019m putting my money where my mouth is.”<\/span><\/p>\n

The project\u2019s initial phase involves engaging stakeholders and listening to their concerns and limitations, whether they\u2019re financial, technical or a combination of the two, says Megan Stifel, Chief Strategy Officer for the Institute for Security and Technology.<\/span><\/p>\n

Like the scramble to <\/span>prepare for Y2K<\/a><\/span>, the UnDisruptable27 initiative benefits from having a tangible timeline, whether any specific threats materialize, Stifel says. <\/span><\/p>\n

The call-to-action was spurred by public hearings earlier this year where Congress and U.S. government cybersecurity leaders explored the potential threats to infrastructure posed by China\u2019s <\/span>Volt Typhoon<\/a><\/span> group or other state-sponsored actors. The project’s goal is to make critical infrastructure supporting basic human needs “undisruptable” by 2027. <\/span><\/p>\n

“We are seeing more disruptions, larger disruptions, longer disruptions, and more public life- and safety-affecting disruptions. And that’s not okay. That trajectory is unsustainable,” says Corman. He calls areas like water and power delivery systems and other infrastructure “target-rich and cyber-poor,” meaning they represent a massive attack surface, yet lack the resources to adequately protect themselves from cyberattacks. <\/span><\/p>\n

“If we see hybrid conflict on top of the disruption trend that we already see, the average citizen is not prepared,” Corman says. “We don’t want panic and we don’t want preppers, but what we do think is no one should be blindsided or surprised by this, and we can make choices between now and an era of potential heightened geopolitical context or conflict context.”<\/span><\/p>\n

To help stress the need and get the public onboard, UnDisruptable27 is taking a page from the natural disaster preparedness playbook and leveraging communications strategies and narrative to influence communities to prepare. <\/span><\/p>\n

“We really haven’t reached the public, and that’s why the public continues to be disrupted and surprised every time there’s a Crowd Strike or NotPetya or an Ascension Health,” Corman says. “So we’re going to go down to meet owners and operators of these critical infrastructure sectors, municipal leadership in the last mile in these communities, and possibly, and probably even citizens directly for this education campaign. And what that means is we have to meet them where they are.”<\/span><\/p>\n

The group chose to initially focus on the intersection of water and health care because it\u2019s already in the public eye, according to Corman. <\/span><\/p>\n

One potential resource for local communities could come in the form of help from the Consortium of Cyber Security Clinics, a network of university-based clinics that train students to do direct engagement with under-resourced organizations who need help regarding their cybersecurity maturity. While in its early phases, Corman and UnDisruptable27 will identify areas of need and connect with municipalities and utilities. In later stages, the group hopes to partner with the clinics to connect those needing help with resources. <\/span><\/p>\n

Smaller organizations in local communities are incredibly vulnerable, says Sarah Powazek, Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity. These under-resourced communities can provide very attractive targets for cyber attackers, and projects like UnDisruptable27 have the potential to have significant impact.<\/span><\/p>\n

\u201cI think that the most important institutions to protect aren’t always the largest. I think we’re really missing this network of care at the community level. And I think we’re missing a strategy to help them protect themselves in a long term sustainable fashion. And I think that the UnDisruptable project is going to be one of many initiatives that is needed to help serve these institutions,\u201d Powazek says.<\/span><\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

What would a worst-case scenario look like for your town?<\/p>\n","protected":false},"author":12,"featured_media":5264,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-5263","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security.jpg?fit=1280%2C720&ssl=1",1280,720,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security.jpg?fit=300%2C169&ssl=1",300,169,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security.jpg?fit=640%2C360&ssl=1",640,360,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security.jpg?fit=640%2C360&ssl=1",640,360,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security.jpg?fit=1280%2C720&ssl=1",1280,720,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security.jpg?fit=1280%2C720&ssl=1",1280,720,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security.jpg?fit=1024%2C576&ssl=1",1024,576,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security.jpg?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/09\/undisruptable27-project-wants-to-shore-up-critical-infrastructure-security.jpg?fit=1280%2C720&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5263","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=5263"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/5263\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/5264"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=5263"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=5263"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=5263"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}