Skip to content
SPECIAL

THREATS TO CRITICAL INFRASTRUCTURE IN IRAN CONFLICT

READ MORE

U.S. critical infrastructure still struggles with OT security

Rick Evanchec, section chief of the FBI Cyber Division's Critical Cyber Incident Operations, speaks on an RSA Conference panel with Tatyana Bolton, executive director of the Operational Technology Cybersecurity Coalition, Brad Stephenson, director of cybersecurity for Southern Company, and Michael Garcia, associate chief of policy with the US Cybersecurity and Infrastructure Security Agency, on April 28, 2025, in San Francisco. (FBI)

By Becky Bracken

Just a week shy of the four-year anniversary of the Colonial Pipeline attack, cybersecurity across US critical infrastructure, particularly operational technology, is lagging woefully behind the country’s adversaries.

A bit of good news came out of the infamous incident, according to Michael Garcia, associate chief of policy with the US Cybersecurity and Infrastructure Security Agency. During a panel discussion yesterday on securing critical infrastructure at RSAC Conference 2025, he said the attack jolted the collective conscience of the country awake to the fact that ransomware was a true threat, and that a cyberattack could have real-world operational technology consequences. But beyond awareness, little has improved across critical infrastructure networks.

“Have we done enough?” Garcia asked rhetorically during his opening remarks. “The answer is no.”

Read more at Dark Reading

Click to listen highlighted text!