The Emerging Threat Nexus
The cyber-physical systems embedded across all 16 critical infrastructure sectors are being exploited. These systems serve as the technological backbone of society and are vital to our national and economic security as well as our public health and safety.
Over the last decade, cyber-attacks are surfacing more than ever and are a cause for concern for both private and public sectors. Emerging threats to critical infrastructure are becoming increasingly complex and dangerous. Globalization and the increased commonality of information systems and networks have facilitated ruinous cyber-attacks from various threat actors- adversaries, foreign governments, terrorist organizations, criminal syndicates, disgruntled employees, lone actors, and “hacktivists” – with malicious intent.
Security vulnerabilities in software, hardware, firmware, and other critical infrastructure systems serve as an alternative access point(s) for threat actors to carry out their intended mission; to disrupt and or destroy an organization, its infrastructure, and operations. Converged operating environments (e.g., cyber- physical security, IoT/IIoT/IT) across critical infrastructure sectors has heightened the risk-probability for an undesirable event (UE), resulting in destructive consequences; human casualties, economic loss, mission degradation, and or psychological impact.