The 60 minutes segment describing the cyber breach at Littleton Electric Light and Water Department (LELWD) demonstrates the risk that even small critical infrastructure entities face from cyber risks. These cyber risks are being fueled by AI methods that have increased the frequency and volume of these cyber risks (130 CVEs reported per day as of Nov 1, 2025), like the one that impacted LELWD and will affect other critical infrastructure operators (NOTE: A CVE is like a dangerous food recall, but for software products with dangerous risk)
I applaud Representative Garbarino for his astute and accurate observations, citing the need for public-private partnerships to secure critical infrastructure operations. "Congress, in partnership with CISA and the National Cyber Director, must help harmonize duplicative and vague cybersecurity regulations across the federal government so cyber professionals spend less time on paperwork and more time doing what they do best: defending our networks." This message is consistent with the recommendations of Tom Fanning during his CISA Keynote Address in 2024: https://www.youtube.com/watch?v=0iYITlQfi3A
Unfortunately, some US Government agencies aren't ready or able to work toward harmonized cybersecurity regulations, rejecting an offer from the Business Software Alliance to work collaboratively on harmonized cybersecurity standards and best practices to protect the entire electric grid. Very disappointing; https://www.linkedin.com/feed/update/urn:li:activity:7374505980673409024?updateEntityUrn=urn%3Ali%3Afs_updateV2%3A%28urn%3Ali%3Aactivity%3A7374505980673409024%2CFEED_DETAIL%2CEMPTY%2CDEFAULT%2Cfalse%29
Thank you Representative Garbarino for having the courage to state the obvious.