Here Are Some Key Challenges to Critical Infrastructure Security


Researchers should focus on when humans need to be in the loop and when machines can take charge.

Government and industry should conduct more research into understanding which complex security questions can be fully automated and which ones require “humans in the loop,” according to the readout of a Feb. 28 meeting between government and critical industry sectors.

The meeting included representatives from 13 of the 16 infrastructure sectors that the Homeland Security Department has decided are critical to the country’s national security. Among the 16 sectors are: energy, transportation, health care, telecommunications and government facilities.

Other findings from the meeting include:

  • A key challenge is modeling interdependencies within critical infrastructure sectors that increase efficiency but may also increase digital vulnerabilities.
  • More research is needed to detect, prevent and mitigate cyber threats, including approaches that involve artificial intelligence and automation.
  • Cyber protection techniques and technologies developed for one sector may often be successfully adapted for another.
  • Rapid cyber threat information sharing between government and industry has improved the way critical infrastructure sectors respond to crises, helping them to “coordinate and quickly disseminate critical information from public and private sources.”
  • International collaboration has also been helpful in improving cyber resiliency.

The meeting of the National Science and Technology Council’s Critical Infrastructure Security and Resilience Stakeholder Workshop was co-chaired by Homeland Security, the White House’s Office of Science and Technology Policy and the U.S. Army Corps of Engineers.