The Industrial Cyber Threat Landscape
Given my experience in the military and intelligence community, training the world’s defenders, and
leading the world’s best against the world’s worst, I would like to make three points today that are most
relevant for this committee.
- The first, is that the industrial threat landscape is largely unknown. This demands that we seek to
change this through an intelligence-driven approach that will then be used to inform our
innovations, best practices, standards, and regulations.
- The second is that regulation has served a purpose in the private sector such as electric grid
operators, but it is appropriate and needed to pause new regulation to allow the community to
develop best practices and out-innovate our adversaries.
- The third is a recommendation for the new Department of Energy’s Office of Cybersecurity,
Energy Security, and Emergency Response (CESER) to focus on new and continued relationships
between the DOE and the private sector while respecting that most of the knowledge of the
threats and the innovation to counter them is occurring in the private sector. This drives a
requirement for communities to work together without interfering in each’s respective mission.
Back to Whitepapers