 |
Critical Assets PodcastAuthor: Patrick Miller
The Critical Assets Podcast covers important OT and ICS security topics with an eye toward standards and regulation to keep you ahead of your adversaries... and your auditors. Ampyx Cyber. Securing your world. See our other content such as blogs, cybersecurity news and more at www.ampyxcyber.com Language: en Genres: News, Tech News, Technology Contact email: Get it Feed URL: Get it iTunes ID: Get it |
Listen Now...
Policy Pulse: Regulatory Roundtable - Cyber Strategy, Large Loads, AI & CISA in Flux
Episode 2
Monday, 11 May, 2026
Patrick Miller reconvenes with Joy Ditto (Joy Ditto Consulting) and Earl Shockley (INPOWERD) for a tour of the past two months in critical infrastructure policy. The episode opens on the administration's new National Cybersecurity Strategy and its six pillars, with focus on the openly offensive "shape adversary behavior" posture and the asymmetric risk it creates for asset owners likely to absorb retaliation.The panel then digs into the pressures reshaping the bulk electric system: data center designation, cloud-hosted control centers running NERC standards while the underlying compute is unregulated, and the physics of computational loads that behave nothing like traditional load. Earl walks through the recent NERC Level 3 alert on large load connections, an unusually serious signal that industry processes are behind.The discussion also covers April infrastructure executive orders that release funding but ignore cybersecurity, hyperscalers displacing utilities as the top buyers of bulk electrical equipment, the multi-agency zero trust in OT guidance, and CISA's leadership uncertainty after Sean Plankey withdrew his nomination. On the AI front, the group unpacks what Anthropic's Mythos and the Glasswing response mean for vulnerability discovery at scale, and why no OT vendors are on the Glasswing list.Closing thoughts include Joy's note on satellite cybersecurity and a rare bipartisan Senate trip to China, Earl's emphasis that computational load is now an enterprise governance issue rather than a technical one, and Patrick's plea to stop making the adversary's job easy.Topics coveredThe new National Cybersecurity Strategy and its six pillarsOffensive cyber posture and the asymmetric risk to asset ownersData center designation as critical infrastructureCloud control centers and the NERC 100-series standardsComputational load, grid stability, and loss of system inertiaNERC Level 3 alert on large load connectionsApril infrastructure executive orders and the missing cyber languageSupply chain shifts and hyperscalers as the top equipment buyersZero trust principles for OT environmentsCISA Fortify guidance and CISA's current leadership statusAnthropic's Mythos, the Glasswing response, and the OT vendor gapSatellite cybersecurity and bipartisan engagement on China policyBasic hygiene: get exposed devices off the internet
