How Can Organizations Build Resilience into Critical Infrastructure?
Industries within the critical infrastructure landscape, such as energy, healthcare, transportation, telecommunications, and financial services, are facing an increasing wave of cyberthreats. Therefore, it is important to start building cyber resilience in organizations.
As Tia Hopkins, Chief Cyber Resilience Officer & Field CTO at eSentire, stated in an RSAC™ 2025 Virtual Seminar, "Cyber resilience is the ability to anticipate, withstand, recover from, and adapt to adverse events. It's not just the ability to bounce back; it depends on how well-prepared an organization is, how much you limit the scope of what's going on, and how you adapt to your surroundings."
The initial step in assessing the resilience of critical infrastructure is to consider what is most important to the specific operations of an organization, said John Johnson, CISO at Docent Institute and Founder/CEO of Aligned Security. Companies need to understand the relevant threats and how they apply in order to explore strategies to enhance resilience, such as system diversification and segmentation, air gaps, incident response, and risk and vulnerability assessment, which are very important for preventing cyber incidents. Robust disaster recovery is also essential. Johnson said, "Resilience in critical infrastructure should address not only cyberthreats but also physical threats, such as natural disasters."
These steps will help organizations be prepared for the unexpected, which is key to resilience. In the recent RSAC™ 2025 Virtual Seminar, Kanika Saraiya Havelia, Senior Director at KPMG Consulting, said that to be cyber resilient, organizations need to focus on preparedness and ask questions like, "Is there redundancy built into our processes and systems?" For example, if you use the Amazon app to make a retail purchase, there are multiple payment methods available, so if one is unavailable, another can be used. It is important to have redundancies in mechanisms and systems so that if something fails or is down, there is a backup, especially for critical industries.
Still, building cyber resilience in critical infrastructure is an ongoing process that requires proactive measures and a commitment to continuous improvement as technologies evolve.
How Has the Integration of Advanced Technologies Impacted the Critical Infrastructure Landscape?
Advanced technologies are increasingly being developed and implemented in organizations. However, the downfall of those technologies is that cybercriminals also use them to become more sophisticated in their attack methods.
Some emerging technologies modernizing critical infrastructure include:
Internet of Things (IoT)
While IoT is not an emerging technology, its use in the critical infrastructure space has evolved over the last several years so that now these tools have "emerged" as a part of the overall ecosystem. Organizations’ devices, systems, and applications are increasingly connected to the Internet, making it necessary, as Johnson stated, “for an organization that is collecting vast amount of data to be able to see what’s being processed out in the field.” IoT has revolutionized industries by enabling unprecedented connectivity and automation.
Downfall: Every IoT device represents a potential entry point for cybercriminals; however, these devices often lack integrated security features, processing power, and memory. This enables attackers to exploit weak passwords, outdated firmware, and poor patch management in IoT, making organizations more vulnerable to an attack.
Cloud Computing
As networks become connected to the Internet and collect more data, the demand for cloud computing to empower businesses to deploy applications, services, and infrastructure has increased to a pace that was once inconceivable. Cloud computing provides organizations flexibility, scalability, and cost savings.
Downfall: Cloud computing’s ability to store and access data remotely is a double-edged sword in that it vastly increases the attack surface and allows for cybercriminals to access that data without the impediments of physical barriers. Securing cloud computing can be a challenge for most organizations.
Artificial Intelligence (AI)
AI has introduced innovative tools and strategies for organizations. As AI offers the ability to identify patterns and make predictions, Johnson said a crucial feature is that it is being integrated into security technologies. Automation, a key AI tool, streamlines repetitive tasks, allowing security teams to focus on more complex issues that still require human oversight.
AI also provides other advantages that companies are leveraging. Jason Lish, CISO at Cisco Systems Inc, stated in an RSAC™ 2025 Innovation Showcase, “AI is being used to build cohesive workflows for vulnerability scanning, penetration testing, and advanced code analysis, helping organizations focus on key exposures.” By using AI, organizations can mitigate vulnerabilities and risks while optimizing and reducing manual tasks.
Downfall: Cybercriminals also leverage advanced AI by deploying phishing and social engineering attacks, which have become more sophisticated and less expensive due to AI.
Quantum computing is a future advanced technology we will see come into reality. And while fully operational quantum computers might not have arrived yet, many are preparing for "quantum-safe" encryption. Organizations should always stay on top of the latest technologies to better understand how to use them and proactively anticipate potential threats, especially new and emerging threats.
How are Hacker Tactics and Threats Evolving Against Critical Infrastructure?
We have seen a rise in cyberattacks against critical infrastructure, but why? Johnson noted, “It’s most likely due to these organizations being so critical and large. They cannot be down for a long period of time, so they are willing to pay the ransom.”
Johnson explained that utilities, manufacturing, and OT environments were once a mystery to the average hacker, but we now have an understanding of these landscapes, and they are becoming more connected to devices and the Internet, allowing entry points for cybercriminals.
Hackers use many different types of tactics, and on the two most common ones, Patrick Miller, CEO at Ampyx Cyber, said in an RSAC™ 2025 Podcast, “Ransomware and disruptive malware are probably the most common threats we are seeing in the critical infrastructure.”
As more organizations rely on third-party vendors for critical services, hackers are increasingly deploying supply chain attacks, which impacted 296,688 individuals and organizations.
We are also seeing a rise in cyber espionage and sabotage, as we saw with the 2024 elections. Also, in December 2024, Chinese-state-backed hackers accessed workstations at the US Treasury Department via a cloud service and revealed vulnerabilities in government systems.
The critical infrastructure landscape is facing an escalating threat from increasingly sophisticated hackers and evolving attack methods, demanding continuous adaptation and robust defenses.
What Does a Comprehensive Guide for Critical Infrastructure Protection Best Practices Entail?
Here are three key factors for building resilience, as outlined by Rebekah Skeete, COO at BlackGirlsHack, in an RSAC™ 2025 Virtual Seminar:
1. Technology: Implementing the right tools and solutions is crucial for protecting, detecting, and responding to threats. This includes firewalls, encryption, access controls, and AI-driven threat intelligence. However, technology alone isn't enough. It must be properly configured, regularly updated, and effectively integrated into business operations.
2. People: Every individual within an organization plays a role in building resilience, from employees and security teams to executives and third-party vendors. Security training is essential, as many cyber incidents stem from human error like weak passwords or phishing attempts. A strong security culture within an organization is a critical factor in overall resilience.
3. Processes: Well-defined incident response plans, risk management frameworks, and business continuity strategies are vital. These processes must evolve with advanced technology, as outdated processes can leave organizations vulnerable. Regularly monitoring and testing these processes is also critical.
Communication and collaboration are also essential for building resilience. Protecting an organization from cyberattacks and achieving resilience is not solely the responsibility of the CISO or CEO; it's a collective effort, and "building a network of industry connections and information sharing is important in all industries," Johnson said.
To stay informed about the latest attack vectors and trends, cyber professionals should regularly visit credible cybersecurity websites such as the National Council of ISACs and National Institute of Standards and Technology. You can also find more information on building resilience in the RSAC library.