In October of 2023, the (Cyber Florida) at the (USF) and Florida Digital Service collaborated to launch the state’s first statewide assessment of both public and private critical infrastructure cybersecurity. The assessment was part of a significant investment by the Florida Legislature to enhance the state’s cyber resiliency, dubbed “.”
Because the original task focused on risk and vulnerability of Florida’s critical infrastructure, there was also a need to analyze the threats in a cyber intelligence assessment.
The project leaders approached the School of Information (iSchool) at USF—which is home to its cyber intelligence programs—to develop the threat/intelligence assessment.
Led by Dr. Stephen Gary, iSchool associate professor of instruction, and supported by iSchool colleagues, Dr. Randy Borum, director, and RJ Burney, a graduate of the iSchool’s cyber intelligence program and subject matter expert on securing critical infrastructure, the team worked at Cyber Florida’s request to fill the gap in the assessment.
“We worked closely with Cyber Florida and had some collaboration with Florida Department of Law Enforcement. By limiting collaboration with other entities, we could ensure an unbiased independent study,” Gary said. “This is the first cybersecurity intelligence report conducted for Florida's critical infrastructure, but we plan to produce annual reports going forward.”
Gary, who explained that their was added to the original report’s appendix, said that their assessment provides recommendations for addressing the evolving nature of cybersecurity threats and challenges.
“Cyber threats, actors and technology, have continuously increased over the years. Cyber threat actors have been improving their skills, to include using AI. We highlight the fact that we need to stay ahead of the cyber threat actors, especially in the field of AI. We are fighting AI with AI,” Gary said.
“Most of the recommendations for securing a critical infrastructure (CI) network applies to all networks. We can tailor a cyber intelligence report/assessment to a specific network, but for this report we conducted a broad assessment of cyber threats to Florida's CI. Organizations and individuals can and should conduct cyber intelligence assessments specific to their networks,” he explained.
Borum also highlighted the need for expanding the cyber intelligence and CI workforce.
“Given how vital, far-reaching (and often how vulnerable) our critical infrastructure is, there is a compelling need to build the workforce. Our recommendations include a critical infrastructure cyber threat/security lab to provide a platform for advanced training and an operational hub for the kind of analyses we did for this report.”
Other recommendations include a state cyber intelligence center and a statewide CI
cyber threat warning system.
Gary emphasized the importance of reassessing CI regularly.
“CI will always be a target for cyber threat actors, whether for ransomware or for nation states to gain a foothold for possible future cyber-attacks. We need to understand the threats to CI and the CI vulnerabilities to determine the risk.”
“Bottom line, cyber intelligence helps us to understand the cyber threats to organizations. The more we know about the cyber threats the better our cybersecurity will be.”