The Evolution of Critical Infrastructure Protection

Despite the expanded focus on risk reduction - including advanced technology implementation, employee training, and the adoption of enforceable industry and federal security regulations such as NRC, NERC-CIP and HIPAA, attacks targeting critical infrastructure sectors continue to accelerate in both complexity and frequency.

Within critical infrastructure sectors, cyber risk is most commonly amplified by:

Flawed IT/OT integrations
Complexities of legacy SCADA systems
Lack of asset visibility
Insufficient number of skilled workers
Ineffective people, process and technology policies
Inadequate or unenforced remote worker and bring-your-own-device (BYOD) policies

In far too many situations, more than one of these vulnerabilities is present, threatening the systems that inherently run our day-to-day lives.