Best of GSX 2023: Critical Infrastructure Protection

Sabotage and Critical Infrastructure 

Energy-critical infrastructure is vital to the generation, transmission, distribution, and use of energy. These systems and assets enable the function of modern societies and economies. Protecting them from malicious sabotage is critical to ensure continued operation.

Critical Infrastructure Exercises: Trends, Lessons Learned, and Resources Available to Whole of Community Partners 

CISA Exercises will provide a one-hour session presenting recent analysis of trends in planning and capability gaps and lessons learned identified though exercises with SLTT and private sector critical infrastructure partners, with a focus on soft target security and man-made threat vectors. Additionally, the presentation will cover exercise resources available to whole of community partners highlighted against the trends discussed in Part 1.

Mistakes to Mayhem: Improving the Resiliency of Our Power Infrastructure 

The power infrastructure is critical to all, yet vulnerable to take down by varying levels of sophistication depending on the intent of the attacker(s). Since 2016, the United States has seen an increase in attacks on the power system, from shootings at substations to ransomware. But this issue of attacks is not limited to the United States. Countries around the world have seen an increase in attacks as well. 

During this session, we will talk with security experts from various countries around the world to hear about the threats, current methods, and means of protection, what works or doesn't work, and considerations for protecting this infrastructure into the future. 

Protecting your Facility or Venue from the Threat of a Terrorist Bombing Attack 

The Cybersecurity and Infrastructure Security Agency’s (CISA) Office for Bombing Prevention (OBP) leads the Department of Homeland Security’s efforts to implement national counter-improvised explosive device (C-IED) policy and enhance the nation’s ability to prevent, protect against, respond to, and mitigate the use of explosives against critical infrastructure—the private sector and federal, state, local, tribal, and territorial entities. Join OBP in a discussion of how we prepare the homeland through coordinated national and intergovernmental C-IED efforts, promote C-IED information sharing, and how you can prevent bombing attacks in your venues and facilities while increasing overall security.

Ukraine's IT Army: A Case Study in Ad-Hoc Cyberwarfare 

Launched as a response to the Russian invasion in early 2022, Ukraine’s IT Army is a good example of an ad-hoc, all-volunteer cyberwarfare force. Created to provide counter-digital offensive capabilities for the state, the unit has had a year of experience on the virtual battlefield. This talk will look at the group’s internal setup, its various operations, and what worked and what didn’t work in regards to this hacking task force's critical infrastructure protection capacity. Comparisons with other state-sponsored cyber units and key takeaways will also be provided.