Critical Infrastructure Cyber Defense

SAN FRANCISCO - March 8, 2024 - PRLog -- A Task Force of the Tortora Brayda Institute (TBI), in partnership with the Association of U.S. Cyber Forces (AUSCF) and the National A.I. & Cybersecurity ISAO, convened a council of 30 experts and thought leaders to focus nonprofit efforts on developing private-public partnerships to rapidly and sustainably improve the cyber resilience of the U.S. critical infrastructure with particular emphasis on mid-size company contributions.

Alycia Farrell, Board Member, AUSCF and TBI, works directly with SMB businesses within the Defense Industrial Base, tracking cyber threats to critical infrastructure and various sectors of the U.S. supply chain. "The world of CMMC and the DIB is a microcosm of the larger issue impacting the overall US commercial industrial base. While DoD is implementing the CMMC certification process to try and get a handle on increasing cybersecurity practices and compliance, the efforts and costs associated with mandating these practices will increase the financial burden on these companies to the point where it will negatively impact our national security supply chain. These companies will seek support and assistance completing the compliance, assessment, and audit processes."

The current geopolitical situation presents an exceptional threat to the critical infrastructure of the United States and its allies. From State-sponsored malware placed in operational technology to sabotage essential utilities to actual attacks on small water systems across the country, the U.S. is no longer a sanctuary from foreign attacks. U.S. citizens are squarely in the crosshairs of adversaries wanting to coerce national policymakers. The Biden Administration's Federal Cyber Security Strategy and related implementation plan emphasize the importance of securing critical infrastructure in its totality, not just the market leaders.

Lucian Niemeyer, CEO of the national non-profit Building Cyber Security, with decades of experience as a former Assistant Secretary of Defense, a top defense official in the White House Office of Management and Budget, and TBI Board Member commented: "When do cyber sabotage and attacks by State sponsors cross the threshold of an act of war?"  As an example, in partnership with the UK, Canada, and Australia, CISA, NSA, and FBI issued a Joint Advisory on February 7th, 2024, announcing that China state-sponsored cyber actors are seeking to pre-position themselves on I.T. networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a significant crisis or conflict with the US.

"This is a direct act of cyber sabotage. We can't continue relying on the infrastructure operators to identify and fight back State-Sponsored attacks. We must unite all federal agencies under one lead entity with the responsibility and accountability to work with all private sector owners to close the gaps in the cyber protections of our national infrastructure at the federal, regional, State, and local levels. Continuing to rely on private companies for our Nation's cyber defense will ultimately lead to a national catastrophe."

The Cyber Eagle Project is formed around two core pillars: developing a technological framework and identifying funding opportunities. Mikko Niemela, CEO of Cyber Intelligence House, commented: "Our platform will contribute to the overall effort by providing companies with the benefit of ten years of research data collection in collaboration with INTERPOL on the explicit risk and specific vulnerabilities that companies face from adversaries. With AI, we can deliver a user-friendly summary and comparison of the current level of cybersecurity."

This end-to-end process would ensure the US achieves unparalleled critical infrastructure security improvements in record time and could lead its allies to do the same.