
Expert warns cyber retaliation threatens US infrastructure

02 July 2025
With geopolitical tensions flaring following recent attacks on Iran’s nuclear facilities, concerns mounted over the potential for retaliatory cyberattacks targeting U.S. infrastructure.

Dean Gefen, cybersecurity expert and CEO of workforce development firm NukuDo, warns that the threat isn’t theoretical; it’s imminent.

“The threat is very real,” Gefen says. “Cyber retaliation has become a preferred tool of asymmetric warfare. It’s low-cost, deniable, and scalable.”

Gefen draws from a long track record in cybersecurity, including training thousands for high-stakes security roles. From his vantage point, the current environment marks a critical juncture for infrastructure operators.

Critical infrastructure (telecoms, energy grids, and water systems) offers an irresistible target to state-sponsored actors. These systems aren’t just foundational; they’re also inherently vulnerable.

“Disrupting telecom or energy operations doesn’t just create technical chaos,” Gefen explains. “It also creates a psychological and economic impact. That’s exactly what state-sponsored hackers want.”

Despite ongoing efforts to bolster cybersecurity postures, the pace of improvement in these sectors is lagging behind the speed of adversarial innovation.

“The gap between attacker sophistication and defender resources is still too wide,” he warns. “Preparedness today is uneven and often reactive, rather than proactive.”

The workforce gap looms large in Gefen’s analysis. With over half a million cybersecurity roles unfilled across the U.S., the shortage isn’t just an HR issue—it’s a national security vulnerability.

“It’s not just serious. It’s strategic,” he stresses. “We can have the best technology in the world, but without skilled people to configure, monitor, and respond, it’s not enough.”

This gap is particularly dangerous in infrastructure sectors, where the integration of operational technology (OT) and traditional IT systems demands hybrid expertise.

Among infrastructure sectors, telecommunications stands out as especially vulnerable.

“Telecoms are attractive because they’re foundational. Disrupting them causes a cascading effect across government, finance, healthcare, basically everything.”

Gefen highlights the complexity of telecom systems, from outdated routing protocols to third-party vendor dependencies, as fertile ground for attackers.

“There are far too many interdependencies, and too few well-defended choke points.”

Legacy infrastructure remains a glaring weak point. While many operators continue to rely on outdated systems, the consequences are mounting.

“Legacy systems often lack basic security features like encryption, logging, and access control,” Gefen says. “That creates ideal conditions for attackers. They don’t need to invent new exploits when older ones still work.”

Worse yet, patching legacy systems often carries the risk of disrupting service, leading many organisations to delay crucial updates, further expanding their attack surface.

While headlines often focus on external hackers, Gefen cautions that insider threats—whether intentional or accidental—are just as dangerous.

“Insiders already have the access that external attackers are trying to gain,” he says. “In sectors where systems are tightly controlled and specialised, a single compromised credential or disgruntled employee can do massive damage.”

The solution, according to Gefen, lies in robust behavioural monitoring and strict access controls, not just background checks.

“As famously said, trust, but verify. Continuously.”

For infrastructure operators unsure where to begin, Gefen offers a clear roadmap.

“The first step is to start with visibility. You can’t defend what you don’t fully understand.”

This includes mapping assets, prioritising critical systems, enforcing multi-factor authentication, and segmenting networks. Perhaps most importantly, he emphasises the need for simulation-based readiness.

“Run red team simulations to test real-world readiness. But most importantly, invest in your people. The best security stack in the world won’t help if your team can’t respond quickly and correctly when an attack actually comes.”
