ICS 2022

Over the last few years there has been a significant increase in Cybersecurity regulation coming from DHS/CISA that requires Critical Infrastructure owners and operators to improve their reporting mechanisms and overall cyber security posture. For example Airports and Rail operators were required to assign a Cybersecurity POC to report cyber incidents to DHS/CISA. Are these complex ecosystems ready to identify and report cyber incidents? In addition the Infrastructure Investment and Jobs Act (IIJA) is setting up to distribute $1 billion dollars for cybersecurity improvements at the state an local levels. Based on what we’ve seen: are Critical Infrastructure operators and owners ready to comply with the new cybersecurity requirements and are they effectively positioning to submit grant applications to get some of the government help?

Some of the structural challenges with IT/OT security to including technological and cultural differences are starting to be evident in this transition. This presentation would explore some of those challenges and identify some of the potential gaps that Critical Infrastructure owners and operators are facing and suggest some actions to be better prepared in the face of increased regulation and significant government investments.
 
Key Takeaways:

• Awareness of new DHS/CISA cybersecurity current and future regulations
• IIJA funding available and requirements for Grant applications
• How structural IT/OT convergence challenges are impacting compliance with regulations (Airports, Rail and transit, Utilities, etc.)
• What Critical Infrastructure owners and Operators should consider to be better prepared to comply with regulation and apply for Grants