Today, the Cybersecurity and Infrastructure Security Agency (CISA) announced the kickoff of Critical Infrastructure Security and Resilience Month. Yesterday, the White House issued a Presidential Proclamation to commemorate November as Critical Infrastructure Security and Resilience Month and called on Americans to recognize the importance of this month to enhance our collective national security and resilience.
“The safety and security of our nation depends in large part on the resilience of our critical infrastructure. All critical infrastructure owners and operators must prepare for potential disruption—be able to respond with agility and to recover rapidly to minimize impacts to the services Americans rely on every hour of every day,” said CISA Director Jen Easterly. “This Critical Infrastructure Security and Resilience Month, we are asking everyone to resolve to be more resilient by taking actionable steps to plan and exercise to withstand the impact of disruption.”
This November, CISA is asking everyone to Resolve to be Resilient by preparing and investing in resilience today, so that, as a nation, we can recover quickly in the event of an incident tomorrow. We are highlighting practices critical infrastructure organizations can implement to recover rapidly in the aftermath of any significant disruption:
- Assess Your Risk. Organizations should identify their most critical functions and assets, define dependencies that enable the continuity of these functions, and consider the full range of threats that could undermine functional continuity.
- Make a Plan and Exercise It. Organizations should perform dedicated resilience planning, determine the maximum downtime acceptable for customers, develop recovery plans to regain functional capabilities within the maximum downtime, and test those plans under real-life conditions to ensure the ability to operate through disruption.
- Continuously Improve and Adapt. Organizations should be prepared to regularly adapt to changing conditions and threats. This starts with fostering a culture of continuous improvement, based on lessons learned from exercises and real-world incidents, and evolving cross-sector risks.
We encourage you to visit CISA’s Critical Infrastructure Security and Resilience Month webpage for more information, resources and toolkit: cisa.gov/CISR. Be sure to follow us on social media and join the Resolve to #BeResilient conversation.