The US Department of Homeland Security and its Cybersecurity and Infrastructure Security Agency (CISA) released al list of national critical functions of government and private sector that have vital importance to the US national and economic security, public health, and safety. The list covers all areas of critical infrastructures and divides them into four broad categories: connect, distribute, manage, and supply. The main purpose of the list is for cyber risk management and prioritisation in incident response and decision-making. The next step for CISA is the creation of a Risk Register to identify scenarios that could potentially cause national-level degradation to national critical functions and, according to the CISA director, ‘map out how a single digital threat might ricochet across numerous industries’.
Cybersecurity is among the main concerns of governments, Internet users, technical and business communities. Cyberthreats and cyberattacks are on the increase, and so is the extent of the financial loss.
Yet, when the Internet was first invented, security was not a concern for the inventors. In fact, the Internet was originally designed for use by a closed circle of (mainly) academics. Communication among its users was open.
Cybersecurity came into sharper focus with the Internet expansion beyond the circle of the Internet pioneers. The Internet reiterated the old truism that technology can be both enabling and threatening. What can be used to the advantage of society can also be used to its disadvantage.