Reposted from CISA
The Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Emergency Management Agency (FEMA) recently launched the new “Shields Ready” campaign to encourage the critical infrastructure community to focus on strengthening resilience. Resilience is the ability to prepare for, adapt to, withstand, and rapidly recover from disruptions caused by changing conditions. The new campaign was unveiled during a joint press conference at the Port of Long Beach alongside speakers from the Long Beach, California community and members of the U.S. Coast Guard.
Shields Ready complements CISA’s successful “Shields Up” campaign, which encourages critical infrastructure stakeholders to take specific, time-sensitive actions that reduce risk in response to specific threat intelligence during cyberattacks physical security threats, or natural disasters in response to specific threat intelligence. Shields Ready focuses more broadly and strategically on how to prepare critical infrastructure for a potential disruption and how to build more resilience into systems, facilities and processes by taking action before a crisis or incident even occurs. It also aligns with and complements FEMA’s Ready campaign. Each campaign webpage will feature and link to the other for easy reference and use. This focused approach highlights how critical infrastructure entities and other organizations can Resolve to be Resilient by integrating certain practices that will make themselves secure, resilient, and able to bounce back quickly and build back stronger from an incident, entities should:
- Identify Critical Assets and Map Dependencies: Determine the systems that are critical for ongoing business operations and map out their key dependencies on technology, vendors, and supply chains.
- Assess Risks: Consider the full range of threats that could disrupt these critical systems and the specific impacts such threats could pose to continuity of operations.
- Plan and Exercise: Develop incident response and recovery plans to reduce the impact of these threats to critical systems and conduct regular exercises under realistic conditions to ensure the ability to rapidly restore operations with minimal downtime.
- Adapt and Improve: Periodically evaluate and update response and recovery plans based on the results of exercises real-world incidents and an ongoing assessment of the threat environment.
See Original Post