The Cybersecurity & Infrastructure Security Agency (“CISA”) has just released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors (i.e., Russia) may use tactics—such as misinformation, disinformation, and malinformation—to shape public opinion, undermine trust, and amplify division, which can lead to impacts to critical functions and services across multiple sectors. Current social factors—including heightened polarization and the ongoing global pandemic—increase the risk and potency of influence operations to U.S. critical infrastructure. CISA encourages leaders at all organizations to review the CISA Insights and follow the guidance to assess risk and increase resilience.
What can you do? CISA suggests:
- Assess the current information environment
- Identify your vulnerabilities
- Fortify your own communication channels
- Engage in proactive communications
- Develop (or revisit) your incident response plan.
CISA also suggests adopting the TRUST model for incident response, to help reduce risk and protect stakeholders:
- Tell your story
- Ready your team
- Understand and assess
- Strategize your response
- Track the outcomes.
Or, as the lyrics of Lin-Manuel Miranda in Hamilton remind us, “who tells your story” truly matters.