
President's Commentary: Strategically Securing Critical Infrastructure

By Lt. Gen. Susan S. Lawrence, USA (Ret.)

The new national cyber strategy—which may be released before this column is published—is expected to focus on six pillars, according to National Cyber Director Sean Cairncross, who has previewed the strategy at multiple venues. The pillars include critical infrastructure cybersecurity, shaping adversary behavior, improving the regulatory environment, government modernization and security, dominating emerging technologies, and federal workforce and cybersecurity skills gaps.  

The strategy is being developed in an era of increasingly sophisticated, persistent, and strategic threats to our critical infrastructure. Adversaries, such as Volt Typhoon and Salt Typhoon, hacker groups aligned with the Chinese Communist Party (CCP), don’t need to breach fences and cause physical damage with bolt cutters, backhoes or bombs when they can slip unnoticed into networks and systems. 

CCP-linked groups have prepositioned themselves on our critical infrastructure, including communications, energy, transportation and water systems, for potential disruption of our operational technologies in case China chooses to invade Taiwan. 

Meanwhile, emerging technologies introduce new vulnerabilities even as they offer powerful tools for defense. Artificial intelligence and machine learning can accelerate threat detection and automate response, but adversaries are equally quick to weaponize them for more adaptive intrusions and disinformation operations. 

Quantum computing promises processing power breakthroughs but threatens to upend encryption standards long before quantum-resistant protocols can be fully deployed. And as critical infrastructure sectors adopt interconnected digital twins, advanced sensors and autonomous systems, the attack surface dramatically expands. Harnessing these technologies responsibly—while mitigating their risks—will define the next frontier of infrastructure security.

The zero-trust philosophy that no user, device or location earns implicit confidence is becoming integral to infrastructure security. The Cybersecurity and Infrastructure Security Agency’s (CISA’s) updated cross‑sector cybersecurity performance goals, which align with the most recent cybersecurity framework from the National Institute of Standards and Technology, push operators to adopt outcome‑driven practices that integrate governance, third‑party risk and zero trust‑aligned controls across both information technology and operational technology.  

Improving our national posture also demands better visibility across networks. Implementation of the Cyber Incident Reporting for Critical Infrastructure Act may represent a turning point. The proposed rule requires organizations to report substantial cyber incidents within 72 hours and ransomware payments within 24 hours, enabling the government to deploy assistance quickly and share threat indicators before attacks spread. 

But regulations alone cannot prepare operators to defend against the next intrusion. Readiness must be cultivated. In that vein, the Department of Energy’s (DOE) Operational Technology Defender Fellowship is an immersive, one-year program that equips operational technology security leaders across the energy sector with scenario‑based training and direct collaboration with Cairncross, as well as DOE, CISA, NSA, the FBI and other federal experts. Its purpose is practical and strategic: to create a community of defenders who understand adversary tactics and provide better protection. 

In some appearances, Cairncross has stressed the need for cooperation across government agencies and industry. That collaborative ethos extends beyond U.S. borders. For example, through its 2025–2026 International Strategic Plan, the United States and its Five Eyes partners are deepening information‑sharing, aligning defenses and addressing shared systemic risks across interconnected infrastructures. Their joint statements underscore a collective recognition that disruptions in one nation can cascade across many.

Securing critical infrastructure in this era is a continuous operation to thwart adversaries and a cooperative endeavor built on intelligence sharing, constant verification, clear reporting, technology and workforce investment, and unwavering partnership. The threats we face are unprecedented. But our community—government, industry and academia—working together can counter them. 

Forums that bring together operators, policymakers, industry, technologists and academia are not optional; they are strategic infrastructure in their own right. If we continue to align technology, policy and people with a unified purpose, we can ensure that the services Americans rely on remain resilient, even against adversaries determined to turn our own systems against us.
