CYBER SECURITY AND CRITICAL INFRASTRUCTURE IN THE GEOSCIENCES - ESSENTIAL EDUCATION FOR THE CYBER-PHYSICAL FUTURE

The Cybersecurity and Infrastructure Security Agency (CISA) specifies 16 critical infrastructure (CI) sectors which are so vital that their destruction or incapacitation would have a debilitating effect on national security, economy, public health, and safety. For geosciences, these include critical manufacturing (which relies on critical minerals and equipment), the energy sector, nuclear reactors and water. CISA notes that today's attacks are a result of hybrid attacks targeting both physical and cyber assets. For example, CI's rely on industrial control systems (ICS) for safe and efficient operation. In 2010, the Stuxnet malware targeted a multinational vendor's control systems - disrupting machinery employed in power plants, resulting in physical damage.

As long as we rely on digital connectivity, cyberspace, internet, and a generally technologically driven future, cyber threats will persist. Given that these are persistent threats, the estimated budget for civilian cyber security expenditure is 12.7 billion for FY 2024. These attacks often carry a monetary motivation. Ransomware payments amounted to 400 million in 2020 according to whitehouse.gov. The true extent of damage may never be fully known, as energy.gov states that no lasting damage to US utilities has been publicly reported.

Based on a detailed analysis of numerous well-prepared government and industry-professional reports, one author is inclined to conclude that while cyber security is paramount, it is already well in hand. Several US government agencies are hard at work protecting America from numerous persistent cyber threats. Government agencies and privately held companies provide their employees with excellent training in cyber defense. This training is largely available to the public for free. The York College NASA STEM Cybersecurity Program powered by AT&T was designed to provide this to students who would not otherwise have access to digital literacy while opening the door to opportunities in the rapidly growing industry of cybersecurity. York has been offering lessons to high schoolers since 2022 to create more good-actors who are cyber-literate, particularly within underrepresented groups from southeast Queens, New York city. Regardless of their job title or industry, all good-actors who receive sufficient training will be an asset to their employer or shareholders in the future.