Basic cybersecurity lapses are leaving US infrastructure exposed, top experts warn

Foreign adversaries are becoming more aggressive than ever before in efforts to target U.S. critical infrastructure, but owners and operators are still failing to meet basic security needs for their systems, a panel of former national security officials and leading executives warned Wednesday at a discussion co-hosted by Qrypt, World Wide Technology and the Global Cyber Innovation Summit.

That dynamic puts the nation’s most essential services, from the power grid to water treatment plants, in an exposed position against a rising tide of nation-state hackers, cybercriminals and other groups, the experts — former NSA Director Gen. Paul Nakasone, former FBI Director Christopher Wray, American Electric Power CEO and Director Bill Fehrman and Dragos CEO Robert M. Lee — said.

“A big part of this is, frankly, firewalls and hygiene and patching,” said Fehrman, adding that if “everybody had a firewall, everybody patched on time — that eliminates 90% of the risk right there for most people.”

Read more at NextGov/FCW