CYBERSECURITY AND CRITICAL INFRASTRUCTURE

Since the beginning of the Coronavirus threat, also known as COVID-19, Cybersecurity and Infrastructure Security Agency (CISA) has been monitoring the evolving virus closely, taking part in interagency and industry coordination calls, and working with critical infrastructure partners to prepare for possible disruptions to critical infrastructure.

Cybersecurity and Infrastructure Security Agency (CISA) continues to work closely with federal partners to prepare the nation for possible impacts of a COVID-19 outbreak. This whole-of-nation effort is led by Health and Human Services through the Centers for Disease Control, with all other federal agencies, including CISA, in supporting roles.

CISA.gov/coronavirus

Critical Infrastructure

Functioning critical infrastructure is particularly important to nation's during the COVID-19 response for both public health and safety as well as community well-being. Certain critical infrastructure industries have a special responsibility to continue operations during these unprecedented times.

This guidance and accompanying list are intended to support state, local, and industry partners in identifying the critical infrastructure sectors, and the essential workers needed to maintain the services and functions Americans depend on daily, and also need to be able to operate resiliently during the COVID-19 pandemic response. 

This document gives guidance to state, local, tribal, and territorial jurisdictions and the private sector on defining essential critical infrastructure workers. Promoting the ability of these workers to continue working during periods of community restriction, access management, social distancing, or closure orders/directives is crucial to community resilience and continuity of essential functions.

• Identifying Critical Infrastructure During COVID-19| CISA
• Guidance on the Essential Critical Infrastructure Workforce| CISA
• March 19, 2020: CISA Releases Guidance on Essential Critical Infrastructure Workers During COVID-19| CISA

Cybersecurity

The CISA Insights: Risk Management for Novel Coronavirus (COVID-19) provides executives a tool to help them think through physical, supply chain, and cybersecurity issues that may arise from the spread of Novel Coronavirus, or COVID-19.

On March 6, 2020 CISA released an alert reminding individuals to remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19). Cyber actors may send email with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.

On March 13, 2020, CISA released an alert encouraging organizations to adopt a heightened state of cybersecurity encouraging organizations to adopt a heightened state of cybersecurity when considering alternative workplace options for their employees. Remote work options-or telework-require an enterprise virtual private network (VPN) solution to connect employees to an organization's information technology (IT) network.

Contact CSI to report incidents, phishing, malware, and other cybersecurity concerns.

• Risk Management for Novel Coronavirus (COVID-19) |CISA
• March 13, 2020: Enterprise VPN Security | CISA
• March 6, 2020: Defending Against COVID-19 Cyber Scams | CISA

(Credited Information ; CISA (Cybersecurity and Infrastructure Security Agency)

Prevent Phishing From Occurring

This is a great opportunity to brush up on your security practices and also learn new techniques that keep your identity and data safe from harm. While there are virtually endless tips and tricks you can take to heart in improving your personal cybersecurity, some of which involve the use of complex and specific technologies like virtual private networks, let’s keep it simple and focus on phishing.

Phishing is a rudimentary but highly effective cyberattack. Unlike more sophisticated attacks, it is difficult to stop with modern cybersecurity solutions because it exploits human weakness, namely to trust communications that seem legitimate. Over 90 percent of cyberattacks may begin with phishing.

1.) Be skeptical of emails with urgent subject lines or calls of action

There’s a common technique in some political campaigns of sending direct email disguised as official documentation, to make a response more likely. If in doubt, do not engage.

2.) Don’t click any link you’re unsure about

Links are the active ingredients of phishing emails, the components that actually make the scams work. After reading through the boilerplate text about how someone will need personal and private information on a strange website, you’ll likely be asked to click on something.

3.) Never send sensitive information over email or an unsecured website Email is unavoidable for most people. It’s undoubtedly a quick and easy way to communicate, but it has major shortcomings in terms of its security. Any email that isn’t digitally signed and/or encrypted could have been tampered with, and it’s possible for message to be intercepted and read, too.

Since email encryption is relatively complex, a more practical approach for most people is to avoid sending any really sensitive details over email at all, whether you’re being asked by someone you know or, especially a stranger who may be scamming you. A common phishing tactic is to solicit incriminating information via unencrypted connection like HTTP websites.

4.) Know all signs of a phishing email

We’ve already discussed faux-urgency as a tip-off of a

phishing email, but it’s hardly the only one. Others to look

out for include:

• Misspellings.
• Grammatical mistakes.
• Including your email address in the subject line.
• No acknowledgement of your name.
• Requests to verify your account.
• Warnings that your account has been compromised.

DON’T RUSH TO CLICK HYPERLINKS

Hyperlinks are tricky. When they’re included in text, you can’t immediately see where they lead, meaning a simple click could take you somewhere you don’t want to go, like an adware-infested page. Consider hovering over them with a mouse, or copying them with a press and hold contextual menu on a touchscreen and pasting them into a separate document, before following them.

WIFI HOTSPOTS

Public wireless networks and hotspots are not always secure, which means that anyone could potentially see what you are doing on your mobile device while you are connected. Limit what you do on public WiFi and avoid logging in to key accounts like email and financial services on these networks. Consider using a virtual private network (VPN) or a personal / mobile hotspot if you need a more secure connection on the go.

With this knowledge and the practices we’ve covered already, you can greatly reduce the risk of being a phishing victim.

Providing confidence every step of the way.

Gallagher is a global leader in insurance, risk management & consulting services helping clients face challenges and providing effective solutions.

www.ajg.com

THANK YOU TO OUR FEATURED ASSOCIATE MEMBER! 

Osmose

CLICK THE BANNER FOR UPDATED INFORMATION AND RESOURCES RELATED TO COVID-19

Procedures For Requesting Mutual Aid

In the event of a disaster, the IMEA Mutual Aid program is designed to provide trained personnel and assistance to any municipality, IOU or electric cooperative in or outside of the state of Indiana. Our first priority is to dispatch crews to IMEA member communities.

1. Survey the extent of damage and determine the need for assistance, manpower and equipment.
2. If the emergency can be handled locally, or with minimal assistance call your neighboring municipal.
3. If the emergency/disaster is of a larger magnitude, or initially thought to be a local emergency, but the situation has changed, contact IMEA’s Safety and Training Director or the IMEA Coordinators.
4. When contacting Indiana Municipal Electric Association (IMEA) please provide the following information:
   
   1. Municipals or other entities that you have contacted, and the assistance being provided by that system.
   2. Number and type trucks and equipment needed.
   3. Number and classification of personnel needed.
   4. Weather or road conditions, or any other significant travel information.
   5. Where and to whom the crews should report. Provide a second contact person’s name for IMEA.

Contact Information

Find us just off I-69 in Noblesville, steps from Hamilton Town Center and a mile from Rouff Home Mortgage Music Center. Our conference center hotel offers more than 29,000 sq. ft. of event space. Enjoy free cooked-to-order breakfast and our complimentary evening reception daily.