https://www.americancityandcounty.com/wp-content/themes/acc_child/assets/images/logo/footer-logo.png
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcast
    • Latest videos
    • Product Guides
  • Resources & Events
    • Back
    • Resources
    • Webinars
    • White Papers
    • IWCE 2022
    • How to Contribute
    • Municipal Cost Index – Archive
    • Equipment Watch Page
    • American City & County Awards
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Statement
    • Terms of Service
American City and County
  • NEWSLETTER
  • Home
  • Co-op Solutions
  • Hybrid Work
  • Commentaries
  • News
  • In-Depth
  • Multimedia
    • Back
    • Podcasts
    • Latest videos
    • Product Guides
  • Resources/Events
    • Back
    • Webinars
    • White Papers/eBooks
    • IWCE Expo
    • Calendar of Events
    • How to Contribute
    • American City & County Awards
    • Municipal Cost Index
    • Equipment Watch Page
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Cookie Policy
    • Privacy Stament
    • Terms of Service
  • newsletter
  • Administration
  • Economy & Finance
  • Procurement
  • Public Safety
  • Public Works & Utilities
  • Smart Cities & Technology
  • Magazine
acc.com

Commentaries


Article

Cyber-first infrastructure should be a priority

Cyber-first infrastructure should be a priority

  • Written by Jim Richberg
  • 14th December 2021

Now that the battle has ended and the $1 trillion infrastructure bill is law, another challenge has come into stark relief—how to build this critical infrastructure securely. The only way to do this is to have a “cyber-first” mindset when developing these projects across the country.

To its credit, the legislation sets aside nearly $2 billion for actions specifically tied to cybersecurity, including a cyber grant program that will distribute $1 billion over four years to state and local governments.

But just funding the initiative isn’t enough. While some money has been earmarked for cyber, it’s imperative that cybersecurity be instantiated into all types of infrastructure. In fact, if the right steps are taken from the start, the recent infrastructure package could become a catalyst to improve the strength and security of all networks.

When it comes to infrastructure like roads and bridges, cybersecurity may not be the first thing you think about, but digital networked technology is ubiquitous, working behind the scenes. Roads and bridges have traffic and stress sensors to improve performance and safety. Public transportation, rail and airports incorporate automation and networks to keep everything running smoothly and safely. Water, power and other utilities depend on countless networked control systems. Some of these already have been exploited by threat actors, and many of the small utilities they target are systemically underprepared.

The rapid uptick of infrastructure projects alone will present an immense challenge. The convergence of operational technology (OT) and information technology (IT) in critical infrastructure has made it easier for sophisticated cybercriminals to exploit OT vulnerabilities. Threat actors are targeting and attacking previously air-gapped OT devices and systems that are now accessible thanks to IT-OT convergence. The digital nature of our upgraded infrastructure will bring both risk as well as opportunity, and we should ensure that we address both.

In fact, a Dec. 2 Government Accountability Office (GAO) report said, “If the federal government doesn’t act with greater urgency, the security of our nation’s critical infrastructure will be in jeopardy.”

The GAO found that to address critical infrastructure cybersecurity, the federal government needs to develop and execute a comprehensive national cyber strategy and strengthen the federal role in protecting the cybersecurity of critical infrastructure. The report also said that of the 900 GAO cyber recommendations agencies have failed to implement, 50 of them are related to critical infrastructure cybersecurity. Even the report’s title—”Federal Actions Urgently Needed to Better Protect the Nation’s Critical Infrastructure”—is a clarion call for a cyber-first path.

It is better to build cyber protocols in now as we plan and implement these infrastructure upgrades rather than spend twice and try to play catch up later especially if critical vulnerabilities are being exploited and time is of the essence.

The infrastructure law presents a once in a lifetime opportunity to improve the fundamental safety and security of our nation’s infrastructure. The networks that power the nation’s infrastructure simply cannot be allowed to remain vulnerable. Too much is at stake, so we have to do it right

 

Jim Richberg is public sector field CISO at Fortinet. He formerly served as the national intelligence manager for cyber in the Office of the Director of National Intelligence, where he set national cyber intelligence priorities.

Tags: homepage-featured-1 homepage-featured-3 homepage-featured-4 Administration Economy Public Safety Public Works & Utilities Commentaries Administration Economy & Finance Public Safety Public Works & Utilities Article

Most Recent


  • technology
    To ensure success when buying tech, local governments need to do their homework
    Municipal officials need to analyze their agency’s current IT setup as they consider upgrades, says Lauren Powalisz, principal, state, local higher education leader, Deloitte Consulting, a global management consultancy that provides technology, strategy and operations and human capital consulting for many industries, including the public sector. “Performing a current IT landscape assessment is an integral, […]
  • transportation
    U.S. Department of Transportation announces $1.5M funding opportunity
    Applications are open for $1.5 billion in grants through the U.S. Department of Transportation’s Rebuilding American Infrastructure with Sustainability and Equity program. The funding, which will be distributed to selected projects next year, helps communities across the country carry out transportation-related projects that significantly impact local residents. “Across the country, I have seen firsthand how […]
  • Energy department announces $31M for local, state energy efficiency and conservation efforts
    In support of the nation’s push toward clean energy, the U.S. Department of Energy announced this month the recipients of more than $31 million in investments through the Energy Efficiency Conservation Block Grant Program, which is funded by the Bipartisan Infrastructure Law. The money will support projects in 19 states and local communities, and is […]
  • sustainability
    Cities can achieve sustainability wins with micro transportation, green infrastructure and climate resilience planning
    In 2024, local governments will continue working on several sustainability targets, says Stephen McCauley, associate professor of teaching at Worcester Polytechnic Institute (WPI) in Worcester, Mass. He says those targets and areas of interest include micro transportation, expanding electric vehicle charging infrastructure and reducing battery fire risk in electric vehicles. He predicts municipal governments will […]

One comment

  1. Avatar Kristian 15th December 2021 @ 9:26 am
    Reply

    I agree, cyber security is often an infrastructure that is being underrated or pushed to when it’s actually too late.
    We implemented a software by apptec to manage our devises remotely and securely. This has helped us immensely during these times and we can just reccomend everyone else to invest in cyber security before its too late.

Leave a comment Cancel reply

-or-

Log in with your American City and County account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Cybersecurity resilience begins with strategy and collaboration
  • Cloud security is key to cybersecurity resilience in state and local governments
  • October is Cyber Security Awareness Month—So what’s new?
  • As cybercrime increases, local governments face an uphill battle in hardening digital defenses

WHITE PAPERS


Best Practices for Grantees and Grantors: Grant Compliance

5th December 2023

The Four Key Components of Successful Digital Transformation

22nd November 2023

Navigating Today’s Greatest Workplace Challenges

3rd October 2023
view all

Webinars


Grant Preparedness: Unlocking Funding Opportunities for Your Success

10th August 2023

2023 State of Public Sourcing: Taking Local Governments into a Bright Future

1st August 2023

Stop Playing with Fire: How to Manage Infrastructure Asset Risk So You Know You’re Covered

20th June 2023
view all

Podcast


Podcast: Disaster Management Symposium preview

13th October 2023

Young Leaders Episode 4 – Cyril Jefferson – City Councilman, High Point, North Carolina

13th October 2020

Young Leaders Episode 3 – Shannon Hardin – City Council President, Columbus, Ohio

27th July 2020
view all

GALLERIES


Gallery: Top 10 domestic city travel destinations this Thanksgiving season

22nd November 2023

Gallery: 10 American cities that have seen substantial population growth in the last five years

6th November 2023

Gallery: 10 of America’s greenest large cities

24th October 2023
view all

Newsletters

Sign up for American City & County’s newsletters to receive regular news and information updates about local governments.

Resale Insights Dashboard

The Resale Insights Dashboard provides model-level data for the entire used equipment market to help you save time and money.

Municipal Cost Index

Updated monthly since 1978, our exclusive Municipal Cost Index shows the effects of inflation on the cost of providing municipal services

Media Kit and Advertising

Want to reach our digital audience? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • IWCE’s Urgent Communications
  • IWCE Expo

WORKING WITH US

  • About Us
  • Contact Us

FOLLOW American City and County ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2023 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.