Addressing the Lag in US Critical Infrastructure Cybersecurity
As the four-year anniversary of the Colonial Pipeline attack approaches, it is evident that cybersecurity within US critical infrastructure, specifically operational technology, is falling behind the nation’s adversaries. Despite the wake-up call that the attack provided, little progress has been made in securing critical infrastructure networks.
Michael Garcia, associate chief of policy at the US Cybersecurity and Infrastructure Security Agency, highlighted some positive outcomes from the Colonial Pipeline incident. Speaking at the RSAC Conference 2025 panel on securing critical infrastructure, Garcia emphasized that the attack raised awareness about the real-world consequences of ransomware and cyber-attacks on operational technology. However, he also acknowledged that more needs to be done.
During his opening remarks, Garcia posed a rhetorical question: “Have we done enough?” The resounding answer was no.
Panelists at the conference agreed that intelligence and information sharing are crucial for effective defense and response strategies. However, sharing information with the federal government can be challenging, leading to uncertainty about who to contact in the event of a cybersecurity incident.
To learn more about the challenges facing US critical infrastructure cybersecurity, continue reading the full article on Dark Reading, a trusted partner site of DCN.
