Mr. Daryl Haegley has 30 years of military, federal civilian and commercial consulting experience, currently overseeing the cybersecurity effort to secure control systems / operational technology for the Department of Defense (DoD). He leads DoD policy, security assessments, cyber range capability developments, SECDEF scorecard requirements and Risk Management Framework (RMF) process improvements. Contributing author to NIST SP 800-82 R2 ‘Guide to Industrial Control Systems Security,’ Unified Facilities Criteria 4-010-06 ‘Cybersecurity of Facility-Related Control Systems’ and Springer publication ‘Security of Industrial Control Systems.’ He maintains four certifications, three Masters’ degrees, two college loans & one patent.
Cyber-physical system attacks have crept from the theory to reality; 2017-2018 demonstrated the severity of the threat to Critical Infrastructure, hence to national security by way of coordinated cyber and physical attacks (CCPA). The most salient point about Cyber-Physical Systems is that they have their feet firmly planted in two worlds, the information systems enabling them and the Control Systems (CS) that execute physical effects. The understanding of a particular CPS’ maintenance procedures, protections, indications and warnings, and response and recovery procedures require both technical and operational insight into the cyber and physical domains. There is huge variation across the CPS domain, and the challenges are significant. We will review here some of the most recent actions and recommendations by the U.S. Government to reduce the threat to Critical Infrastructure CPS, with a focus on Department of Defense (DoD) actions to secure its critical Infrastructure.