Critical Infrastructure Security and a Case for Optimism in 2022

The new US infrastructure law will fund new action to improve cybersecurity across rail, public transportation, the electric grid, and manufacturing.


For anyone working in cybersecurity, the holiday season was hardly a restful one as we grappled with the Log4j software bug across the multitude of technology systems that facilitate our daily lives. The Cybersecurity and Infrastructure Security Agency’s (CISA) director, Jen Easterly, described Log4j as “the most serious vulnerability I have seen in my decades-long career.” And as we prepare for such cyberattacks to escalate, I’m not surprised to read warnings that cybersecurity is now in crisis mode as we begin 2022. In a lot of ways, it is.

However, I also see reasons for optimism. Our experience responding to Log4j is already helping to put into better perspective the change needed to ensure trust, traceability, transparency, and security throughout our supply chain and America’s critical infrastructure.

Furthermore, when it comes to critical infrastructure, the deployment of the bipartisan infrastructure law signed in November 2021 will spark new action to improve cybersecurity as new project funding across rail, public transportation, the electric grid, and manufacturing also brings new levels of connectivity. With that, here are my cybersecurity predictions for 2022.

Cyber Talent and Diversity: The Need for Cognitive Variety Will Grow in 2022

We have more than 300,000 open roles in US cybersecurity, and the more machines and buildings are connected, the more cybersecurity talent we will need. This is the year, I think, that we will really ramp up diversity, equity, and inclusion (DEI) in cybersecurity to both address the talent shortage and to improve our security posture.

Cybersecurity is one of those fields where you really need creative solutions, and the ability to think one or two steps ahead of hackers if you can. That calls for intellectual talent — people with the ability to think both creatively and analytically.

Heterogeneous teams are more productive and achieve better outcomes than homogenous teams. In the cybersecurity space, DEI translates into better protection for the systems that unite networked infrastructure — a key topic for the country right now. If you have diversity in all forms, you are maximizing the potential for better insight, better analysis, and new approaches. Read more:

Leave a Reply

Your email address will not be published. Required fields are marked *