Securing the Nation’s Critical Infrastructures : A Guide for the 2021-2025 Administration book cover
1st Edition

Securing the Nation’s Critical Infrastructures
A Guide for the 2021-2025 Administration

Edited By

Drew Spaniel

ISBN 9781032152080
Published November 24, 2022 by CRC Press
314 Pages 21 B/W Illustrations

FREE Standard Shipping
USD $120.00

Prices & shipping based on shipping country


Book Description

Securing the Nation’s Critical Infrastructures: A Guide for the 2021–2025 Administration is intended to help the United States Executive administration, legislators, and critical infrastructure decision-makers prioritize cybersecurity, combat emerging threats, craft meaningful policy, embrace modernization, and critically evaluate nascent technologies.

The book is divided into 18 chapters that are focused on the critical infrastructure sectors identified in the 2013 National Infrastructure Protection Plan (NIPP), election security, and the security of local and state government. Each chapter features viewpoints from an assortment of former government leaders, C-level executives, academics, and other cybersecurity thought leaders. Major cybersecurity incidents involving public sector systems occur with jarringly frequency; however, instead of rising in vigilant alarm against the threats posed to our vital systems, the nation has become desensitized and demoralized. This publication was developed to deconstruct the normalization of cybersecurity inadequacies in our critical infrastructures and to make the challenge of improving our national security posture less daunting and more manageable. To capture a holistic and comprehensive outlook on each critical infrastructure, each chapter includes a foreword that introduces the sector and perspective essays from one or more reputable thought-leaders in that space, on topics such as:

  • The State of the Sector (challenges, threats, etc.)
  • Emerging Areas for Innovation
  • Recommendations for the Future (2021–2025) Cybersecurity Landscape


The Institute for Critical Infrastructure Technology (ICIT) is the nation’s leading 501(c)3 cybersecurity think tank providing objective, nonpartisan research, advisory, and education to legislative, commercial, and public-sector stakeholders. Its mission is to cultivate a cybersecurity renaissance that will improve the resiliency of our Nation’s 16 critical infrastructure sectors, defend our democratic institutions, and empower generations of cybersecurity leaders. ICIT programs, research, and initiatives support cybersecurity leaders and practitioners across all 16 critical infrastructure sectors and can be leveraged by anyone seeking to better understand cyber risk including policymakers, academia, and businesses of all sizes that are impacted by digital threats.

Table of Contents

Foreword by Glenn Gerstall

Chapter 1 Chemical

1.0 About the Chemical Sector

Drew Spaniel

1.1 ICS Security in the Chemical Sector—Beyond CFATS

Edward J. Liebig

Chapter 2 Commercial Facilities

2.0 About the Commercial Facilities Sector

Pete Slade

2.1 Digital Supply Chain Security: What Happens When an Organization’s Trusted Solutions Can No Longer Be Trusted?

Pete Slade and Dave Summitt

Chapter 3 Communications

3.0 About the Communications Sector

Tyler Healy

3.1 Accelerating Intelligence to Action

Tyler Healy

3.2 Zero Trust for Critical Infrastructure Requires a New Focus on Secure Communications

Glen Gulyas

Chapter 4 Critical Manufacturing

4.0 About the Critical Manufacturing Sector

Chris Grove

4.1 Transitioning Critical Manufacturing to Cyber Resiliency

Chris Grove

Chapter 5 Dams

5.0 About the Dams Sector

Laura Whitt-Winyard

5.1 Under-Funding Dam Sector Cybersecurity Leads to a Flood of Threats

Laura Whitt-Winyard

Chapter 6 Defense Industrial Base

6.0 About the Defense Industrial Base

Travis Rosiek and Robert F. Lentz

6.1 Accelerating DIB Cyber Security and Information Sharing Transformation

Travis Rosiek and Robert F. Lentz

6.2 What Is CMMC and Why Is It Important

Dr. Darren Death

Chapter 7 Election

7.0 About Election Security: Perspectives on Past, Present, and Future US Political Campaigns

Brigadier General (ret.) Francis X. Taylor, Joseph Drissel, and Matt Barrett

7.1 Action Plan for More Secure Campaigns—Addressing the Gaping Hole in Our Electoral Process

Brigadier General (ret.) Francis X. Taylor, Joseph Drissel,

and Matt Barrett

7.2 Preparing for the Future of Election Security—Recommendations for the 46th President

The Center for Internet Security

7.3 The Race with No Finish Line: Securing the Next Election in the Wake of 2020

Matthew Travis

7.4 The State of Campaign Cybersecurity

Brigadier General (ret.) Francis X. Taylor, Joseph Drissel, and Matt Barrett

7.5 The Price of Liberty—Countering Long-Term Malicious Cyber Influences on Democratic Processes

José de Arimatéia da Cruz

Chapter 8 Emergency Services

8.0 About the Emergency Services Sector

Stanley J. Mierzwa and Lauren Spath-Caviglia

8.1 Case Study—Law Enforcement Digital Forensics and Investigations Review; Results of a Cybersecurity Workforce Readiness Survey

Stanley J. Mierzwa and Lauren Spath-Caviglia

Chapter 9 Energy

9.0 About the Energy Sector

Chris Luras, John Eckenrode, and Donald Heckman

9.1 Securing the Backbone of the US Critical Infrastructure

Chris Luras, John Eckenrode, and Don Heckman

Chapter 10 Financial Services

10.0 About the Financial Services Sector

Hitesh Sheth

10.1 Time for Financial Providers to Lead with Cybersecurity

Hitesh Sheth

10.2 Public-Private Partnership in Fighting the Cyber Threat

Timothy L. Callahan

Chapter 11 Food and Agriculture

11.0 About the Food and Agriculture Sector

Timothy Bengson and Itzik Kotler

11.1 For CPG Companies, a Zero Trust Security Strategy Is the Best Supply Chain Defense

Timothy Bengson and Itzik Kotler

11.2 Software Helps Feed America—How Do We Keep It Secure?

Rusty Sides, Justin Ruth, Will Berriel, Scott McBain, and Michael Deck

11.3 Trust in the Food and Agriculture Supply Chain Starts in the Dirt and Ends on Our Tables

Joyce Hunter

Chapter 12 Government Facilities

12.0 About the Government Facilities Sector

Donald Maclean

12.1 Zero Trust: Buzzword or Panacea?

Donald Maclean

12.2 Outdated and Left Behind: Improving and Innovating Our Government Facilities

Dr. Nikki Robinson

12.3 Recommendations for Securing Government Facilities

Dr. Ron Martin

Chapter 13 Healthcare and Public Health

13.0 About the Healthcare and Public Health Sector

Krishnan Chellakarai and Itzik Kotler

13.1 How to Navigate a New Era of Threats to the Healthcare Sector

Krishnan Chellakarai and Itzik Kotler

13.2 Direct Patient Care Subsector Cybersecurity State of the Union

Joey Johnson

Chapter 14 Information Technology

14.0 About the Information Technology Sector

John Fanguy

14.1 Cybersecurity and Zero Outage: Where CISOs and Mission Leaders Align

John Fanguy

14.2 Managing Global Supply Chains and Their Impact on US Critical Infrastructure: What Do Critical Infrastructure Sectors Need to Do,

Now and in the Future

Donald R. Davidson Jr.

Chapter 15 Nuclear Sector

15.0 About the Nuclear Reactors, Material, and Waste Sector

Drew Spaniel

15.1 “Security by Isolation” Inhibits Nuclear Sector Resilience and Potential

Drew Spaniel

Chapter 16 Local and State Government

16.0 About State and Local Government Cybersecurity

Rita Reynolds

16.1 Emerging Threats and Challenges Facing State and Local Governments and Why They Should Be Considered Critical Infrastructure

Marcela Denniston, Alycia Farrell, Peter Liebert, and Jason Smith

16.2 Innovations for State and Local Governments

Marcela Denniston, Alycia Farrell, Peter Liebert, and Jason Smith

16.3 Recommendations to Improve the Cyber Resilience of State and Local Governments

Marcela Denniston, Alycia Farrell, Peter Liebert, and Jason Smith

Chapter 17 Transportation

17.0 About the Transportation Sector

Jerry L. Davis

17.1 From the Ground, through the Air, and Beyond Out There: Over the Horizon Opportunities, Risks, and Challenges in the Transportation System Sector

Jerry L. Davis

Chapter 18 Water and Wastewater Management

18.0 About the Water and Wastewater Systems Sector

Dr. Bradford Sims

18.1 Florida Water Treatment Attack and the Implications for Critical Infrastructure and Cybersecurity—An Exegesis

Dr. Ian McAndrew

18.2 Adhering to 12-Stage Process for Achieving Cyber Secured Water and Sewage Operations

Daniel Ehrenreich



Joyce Hunter

Afterword: Some Things Change, Some Things Stay the Same

Suzette Kent

View More




As the Lead Researcher at the Institute for Critical Infrastructure Technology (ICIT), Drew Spaniel is an expert in information security and technology across the US critical infrastructure sectors. He serves the Institute as a technical expert in cybersecurity, technology, and data science, as well as emerging adversarial trends, threat actor profiling, and legislation and agency initiatives related to information security and privacy. Spaniel earned a Master of Science in Information Security, Policy, and Management from Carnegie Mellon University’s Heinz College and a Bachelor of Science in Applied Physics from Allegheny College.