Critical Infrastructure Security , Cybercrime , Cyberwarfare / Nation-State Attacks

Colonial Pipeline: 'A Global Day of Reckoning'

Ex-Federal CISO Gregory Touhill on Defending Critical Infrastructure
Gregory Touhill, director, CMU SEI's CERT Division

Gregory Touhill, the retired Air Force general and former federal CISO under President Obama, minces no words when he describes the Colonial Pipeline ransomware attack as a "global day of reckoning" for critical infrastructure protection.

See Also: NHS Ransomware Attack: Healthcare Industry Infrastructures Are Critical

"It's a global day of reckoning from the standpoint of seeing critical infrastructure such as this go into a gridlock because of ransomware," says Touhill, who recently was appointed director of the CERT division of the Software Engineering Institute at Carnegie Mellon University. "Further, it's a wake-up call for governments all around the world."

Asked what concerns him most about this latest strike, which has been attributed to attackers wielding the DarkSide ransomware variant, Touhill points to the general vulnerability of critical infrastructure.

"We do have a significant amount of critical infrastructure … around the world that does have cyber risk exposure that is not properly mitigated," he says. "And as we take a look at the increasing skills of cybercriminal groups such as DarkSide … this could be just the start of a global campaign against critical infrastructure that could adversely affect populations around the world."

In a video interview about the Colonial Pipeline attack, Touhill discusses:

  • Threats to critical infrastructure;
  • Ransomware as a national security concern;
  • Resources available from CERT.

As the new director of the SEI's CERT Division, Touhill leads a diverse group of researchers, software engineers, security analysts and digital intelligence specialists working together to research security vulnerabilities in software products, contribute to long-term changes in networked systems and develop information and training to improve the practice of cybersecurity. Touhill was appointed by former President Barack Obama to be the first CISO of the U.S. government. Previously, he served in the Department of Homeland Security as deputy assistant secretary in the Office of Cybersecurity and Communications. Before joining the Software Engineering Institute, he was president of Appgate Federal, a provider of cybersecurity products and services to civilian government and defense agencies. Touhill is a 30-year veteran of the U.S. Air Force. He served as a senior leader of military cybersecurity and information technology programs, culminating as the CIO of the United States Transportation Command. He retired from the Air Force with the rank of brigadier general.

About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.