Critical infrastructure security requires cross-sector, highly integrated collaboration between the private sector, government, research enterprise, and defense forces. Leaders from across these stakeholder groups discussed how they are working together to secure Texas’ infrastructure, and what more can be done.
The panel discussion on critical infrastructure security explored the best practices in securing the critical infrastructure systems of not only Texas, but the greater United States. Panelists shared insights on the need to balance security measures with innovation while addressing the growing threats to both the physical and virtual systems society relies on like clean, available water, and safe, reliable, affordable, and clean energy.
“We need to focus on how we integrate deterrence to support the United States and our allies, in this age of Great Power conflict that we find ourselves in again”
Lt. Gen. (R) John Evans
President and CEO
Evans Strategic Solutions, LLC
Resilience is a critical factor in maintaining competitiveness, particularly in the face of evolving challenges to infrastructure and resource security. As Lt. Gen. (R) John Evans, President and CEO of Evans Strategic Solutions, LLC succinctly described it: critical infrastructure security is crucial in this renewed age of “Great Power Conflict.” To support the industries needed for U.S. competitiveness, the power supply must be secure.This is becoming more difficult, due to the tremendous rise in power demand due to shifts in the climate and the influx of large load users, according to Dr. Francine Romero, Board Chair of CPS Energy. While 82 percent of the state's power now comes from non-carbon-based sources, security concerns persist. According to Dr. Romero, there is a lack of reliable data on power usage, and there are supply chain vulnerabilities.
“There’s not going to be innovation and competitiveness without a reliable power supply”
Dr. Francine Romero
Board Chair
CPS Energy
Large data centers, which seek out reliable, abundant, and affordable power, location shop but make it difficult for utilities, because they are hesitant to make firm infrastructure commitments. This pushes legislatures to incentivize major data center development projects, which is putting even greater strain on power utilities. Additionally, the rise of independent "islands" of energy production raises questions about long-term strategic planning. Stressing the need for an integrated planning approach, Dr. Romero, a former planning and zoning commissioner, pointed out, “We are not talking enough in cities about how we manage this new demand and where it goes.”
One effective strategy for securing the U.S. energy supply is to create additional sources of energy to make our grid more expansive and diversified in its power sources. Dr. Romero advocated for a greater implementation of nuclear technology, particularly Small Modular Reactors (SMRs). She shared SMRs have the potential to be "extremely important" for grid resilience and are a promising technology for securing long-term energy supply. Adding to Dr. Romero’s point, Mr. Evans discussed the logistical challenges of power distribution. He explained that the DoD spends considerable time and resources moving power, showing the need for more flexible and resilient energy solutions like the use of mobile microgrids, in addition to the previously mentioned SMRs, to provide reliable energy distribution in the future
Beyond the capacity and investment needed to expand and modernize physical infrastructure, cyber threats pose another major challenge to critical services. Dr. Romero warned utilities are under constant cyber-attack, prompting CPS Energy to bolster its cybersecurity defenses. CPS Energy is actively collaborating with U.S. Homeland Security and local officials to develop a coordinated response to these threats.
“San Antonio is a city that always strives to move forward”
Mr. Rick Driggers
Managing Director
Cyber Practice Lead
Accenture
Mr. David Mendoza, Information Security Manager at San Antonio Water System, offered a practical perspective on the challenges of securing critical infrastructure. He noted implementing security controls is essential, as is the ability to detect cyberattacks. With prevention being the best way to maintain resiliency and organizational continuity, his team works diligently to identify vulnerabilities before they can be exploited. "We need to think like an attacker," Mendoza stated. Furthermore, he shared how his team works to do the basic security steps extensively and well, including knowing which devices are exposed to the internet and scenario planning to address potential threats. He also stressed the importance of maintaining a comprehensive inventory of devices and their potential impact on business operations to better assess the risks posed by cyber threats.
Data is the second most important currency for a company, after financial profit, according to Mr. Rick Driggers, Cyber Practice Lead of Accenture Federal Services. Therefore, securing data has become increasingly important, especially in the context of emerging technologies like artificial intelligence (AI) and in the post-quantum cryptography era. He also discussed the concept of "Collective Defense," which calls for expanding security beyond a company’s network to also include its vendors and business partners. Mr. Driggers shared an example of a Russian cyberattack, in which hackers gained access to a large organization through a small HR company that worked with it, illustrating the vulnerability of smaller businesses as entry points for larger attacks. To secure crtical data, stakeholders must understand the full scope of the network infrastructure, and Mr. Driggers pointed out that Chief Security Officers often have limited visibility of the networks they are tasked with protecting.
Although securing our data resources is crucial for our national security and the resilience and continuity of industry, the need for security must be balanced with the speed and of innovation. Mr. Jim Perschbach, CEO, Port San Antonio, argued that the nation’s competitiveness is hindered by too much secrecy and classifying too much information unnecessarily, stifling innovation. Mr. Perschbach explained the approach taken by Port San Antonio, a public-entity that serves as a multi-use industrial and technology complex. Covering over 1,900 acres, Port San Antonio serves as a hub for aerospace, cybersecurity, defense, and technology companies. Port San Antonio prioritizes open access and collaboration between government, industry, and the community; as outlined by Mr. Perschach, this model provides valuable lessons for accelerating innovation in the United States.
“By opening Port San Antonio to the community, industries and government have the chance to see emerging technology and find new opportunities”
Mr. Jim Perschbach
CEO
Port San Antonio
One approach to promoting regional innovation within the defense industry Port San Antonio is taking is to become hyper-integrated into the fabric of the community. Port San Antonio works with the greater city to foster a culture of openness that is essential for sharing new ideas, expanding professional and social networks, and increasing business and entrepreneurial opportunities. Port San Antonio has also worked to integrate defense contractors, universities, and local industries, thereby building relationships and creating an environment conducive to innovation. Mr. Perschbach gave examples of how Port San Antonio helped facilitate student collaborations with government security branches like the Air Force to build gaming machines — creating onramps that help strengthen the country’s future skilled workforce.
To promote security while fostering the spirit of partnership needed for innovation, stakeholders must take a more standardized and collaborative approach to securing digital infrastructure. Mr. Driggers raised concerns about the fragmentation of cybersecurity efforts within the federal government, noting that competition between agencies often complicates efforts to address cybersecurity challenges. He called for the elimination of internal barriers within the federal government, suggesting that the private sector, where much of the innovation is happening, should take a leading role in shaping cybersecurity policies. He reiterated the importance of Collective Defense and the vast amount of data shared across industries, which necessitates a unified approach to securing digital infrastructure.
Wrapping up the session, the panel concluded that securing critical infrastructure requires a collaborative approach that spans across sectors and includes both physical and cyber dimensions. While addressing the challenges of securing data, energy supplies, and digital infrastructure, all organizations must balance maintaining security with advancing innovation. As technology continues to evolve, particularly with advancements in AI, quantum computing, and energy production, it is crucial to adapt security frameworks to keep pace.
The insights shared during the session reaffirmed that resilience is vital for ensuring long-term competitiveness and sustainability. Moving forward, all stakeholders must work together to address emerging threats and innovate without stifling progress.
