1. New Trends in Political Warfare

            Advanced  cyber  weaponry  has  redefined  the  current  political  landscape,  making  it  easier  for
            cybercriminals operating within countries like Russia, to cripple entire organizations from overseas. The
            Russia-Ukraine crisis is already impacting the daily lives of Americans in various ways, including the
            spiking of gas prices.

            But it could get so much worse. Hackers are no longer focused on size or scope, and every organization
            is at risk. Cyber related sabotage may or may not be reserved for individual businesses. Instead, poorly
            designed and executed malware or ransomware could affect all aspects of the U.S. including all aspect
            of our critical infrastructure, e.g. banks, power plants, water treatment facilities and communications. We
            are entering an entirely new era of war, where weapons leave the physical domain and enter the digital,
            unseen, and behind-the-scenes attacks that will go unnoticed without the proper protections.



            2. The Cybersecurity Labor Shortage is Real

            The  global  cybersecurity  talent  shortage reached  an  estimated  3.5 million  workers  in  2021. Industry
            experts warned of this dynamic for the past several years; however, the demand for skilled workers
            continues to outstrip supply. Coupled with a growing threat landscape, asset owners are at risk.

            For OT environments, the talent shortage is further impacted by managed services providers that have
            focused on the IT side of the house. They offer IT cybersecurity services, but they lack an understanding
            of and the right capabilities for protecting OT. Firms often don’t understand OT environments, how they
            work, and how to restore them after an attack. They have limited knowledge of industrial control systems
            and other similar technologies. Many of these managed services vendors also “don’t know what they
            don’t know,” and tell companies they can help them with IT and OT, despite their knowledge gaps.

            These firms need to stop stating they have these capabilities. People will realize it’s a serious industry
            problem  that  requires  OT  specialization  and  expertise.  However,  in  the  current  environment,  OT
            cybersecurity experts are hard to find, can be prohibitively expensive, and are difficult to retain. With OT-
            focused managed security services, critical infrastructure companies can manage their risk better while
            remaining focused on their core missions.



            3. Security Loopholes Are Common

            Inherent software vulnerabilities allow for more data flow and connections, which correlates to attacks.
            This makes the stakes for identifying OT security headaches and diminishing risks extraordinarily high.
            OT security isn’t just an internal concern, relegated to the halls of individual organizations. It’s a national
            consideration. In  April  2021,  the  White  House  unveiled  a  100-day  cybersecurity  effort  to  protect  the
            nation’s  power  grid  amidst  increasing  concerns  regarding  the  state  of  the  nation’s  cybersecurity
            vulnerabilities. The effort was followed by an attack on a major oil resource, the Colonial Pipeline, further
            emphasizing the need for increased provisions. Repercussions of the hack were widespread, as The








                                                                                                              76