Institute for Critical Infrastructure Technology 2022 Spring Briefing Roundup

Yesterday, I attended the morning session of the ICIT (Institute for Critical Infrastructure Technology) 2022 Spring Briefing. It was the first in-person conference I’ve attended in two years and it was well attended.  There were a few themes that emerged from the briefing that I believe all state and local government executives should note:

1. Physical and data security are merging faster than ever.  There are a number of factors contributing to this trend:
   1. The movement to remote work, resulting in networks with no boundaries across highly dispersed geographies.
   2. IoT, while it can provide great intelligence at the “edge”, also represents potential gateways to critical infrastructure and government agencies. 
2. One long-term key to success in establishing cyber security in government is establishing cyber literacy throughout the population and creating and maintaining good cyber hygiene in organizations – particularly government organizations representing critical infrastructure.
3. Organizations must assess their vulnerabilities in the context of the objectives of bad actors.  Do they want money, disruption, political outcomes, or something else?

A strong keynote address was delivered by Nitin Natarajan, Deputy Director of CISA.  Natarajan spoke about how the 500+ field personnel of CISA are tasked to work with state and local governments to assess and combat risks and threats and to provide a conduit to other federal agencies (e.g., FBI) that can help state and local government with cyber preparedness and other issues.  Following is a link to the CISA regional offices:  https://www.cisa.gov/cisa-regions.

CJIS GROUP tracks cybersecurity initiatives and programs in state and local government throughout the United States.  For more information on how we help cyber and physical security vendors work with state and local government, feel free to contact me at [email protected].