Security vulnerabilities in critical applications in every industry from financial institutions to manufacturing. have been a problem for years and are now being thrust into the spotlight as a result of Executive Order 14028, Improving the Nation's Cybersecurity. Improving national security and the security of critical infrastructure starts with understanding exactly what's running in these applications and minimizing the exploitable attack surface.
Network-connected applications are exposed to significant vulnerabilities that can be exploited to cause significant interruption to essential services and even affect public safety. While targeted attacks on virtual institutions such as retail and banking, have been going on for decades, they have been largely focused on stealing information. Newer attacks focused on America's essential physical infrastructure and third party ecosystems offer attackers a better return on investment as they cause severe disruption of essential services and have outsized downstream impacts. These targets include applications supporting manufacturing, energy, surface transportation, logistics, agriculture, food and beverage.