Critical infrastructure exists to facilitate various aspects of our lives. It’s foundational to government operations at the federal, state and local levels and almost every other part of our society. From the energy that powers our businesses and homes to the water we drink — even the factories that manufacture the goods we see around us and use every day — all of this operates because of critical infrastructure.

The desire to enable greater data and information flow, digitalization and electrification over the past decade has increased our reliance on operational technology (OT) and critical infrastructure, making it more important than ever to effectively secure those systems.

Increased Risk for OT Systems

Across the U.S., we have begun to see an increase in cyberattacks targeting OT systems. Before the COVID-19 pandemic, the U.S. electrical system’s threat level was already assessed to be high by various threat intelligence reports.

Unfortunately, the pace and focus of these attacks have increased substantially over the past several months. This includes attacks originating both on the OT side of the house and traversing from IT to OT. Additionally, countries around the globe have faced malware and ransomware attacks against state and municipal governments, airports and water facilities.

Heightened Alert

The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) recently issued a joint alert that urges Department of Defense, National Security System, Defense Industrial Base and other U.S. critical infrastructure facilities to take immediate action to secure their OT assets, mitigate risk and reduce exposure across assets and control systems.

Working with an experienced partner to map out and prioritize the necessary steps to address the requirements outlined in this alert is an effective way to take action — and get assistance tailored to your organization’s needs. Every organization is different and, given the desire to respond quickly amid the heightened threat level, your plan should focus on effective mitigation of your system risks.

Moving toward a future with more secure OT systems and more secure critical infrastructure is imperative. Doing so means keeping the power on, keeping the water running and providing continued support to the other industries that maintain society as we know it.


Getting the help you need to build security into your OT systems is closer than you think.

Discover Our Services

Matt Morris is a managing director at 1898 & Co., part of Burns & McDonnell, where he leads the consultancy’s security, risk and critical infrastructure cybersecurity practices. Morris has 25 years of cybersecurity and digitalization experience and has served in leadership roles at startups, multinationals and global organizations. Throughout his career, he’s directed global strategy and investments and managed customer-facing operations. Additionally, he architected and led the world’s first managed industrial cybersecurity service at a global technology conglomerate.