Zero Trust

  • 1.  What are your top 3 priorities for Cyber-Physical Resilience?

    Posted May 07, 2023 06:02:00 AM

    The White House has created a working group on Cyber-Physical Resilience to build resilience into Critical Infrastructure. They are looking at ways to prevent failure, disruption, and degradation.

    If you had the opportunity, what would you want their top three priorities to be?

    https://www.whitehouse.gov/pcast/briefing-room/2023/03/15/pcast-initiating-working-group-on-cyber-physical-resilience/



    ------------------------------
    Alex Sharpe
    Principal
    Sharpe42
    Co-Chair Philosophy & Guiding Principles Working Group
    Co-Chair Organizational Strategy & Governance Working Group
    ------------------------------


  • 2.  RE: What are your top 3 priorities for Cyber-Physical Resilience?

    Posted May 07, 2023 08:01:00 AM
    My inputs

    1. Policies/directives to enable enterprises to implement threat-intel-enabled microsegmentation in cyber-physical systems. This would enable them to protect, detect and respond to attacks on any cyber-physical systems immediately.
    2. Policies/directives to detect changes in IP connectivity in cyber-physical networks and build network disconnection capabilities remotely.
    3. Policies/directives to build and continuously improve crisis management capabilities due to sudden disruption in cyber-physical systems.

    Regards
    Agnidipta Sarkar





  • 3.  RE: What are your top 3 priorities for Cyber-Physical Resilience?

    Posted May 08, 2023 12:17:00 PM

    Nice find; thanks a lot for sharing. Concerning my priorities:

    1. Research on applying open source zero trust/SDP networking platforms into OT environments that sometimes may be partially / fully air-gapped and completely stop external network attacks. Note that we are already working on this topic with OpenZiti (https://github.com/openziti) and a few orgs including DoE, on applying zero trust principles to distributed energy resources (i.e., critical infrastructure). 
    2. Research on how application-embedded zero trust/SDP networking allows us not to trust any underlying networks, including WAN/internet, LAN and even host OS network, to stop side-channel attacks (e.g., malware on a device attacking any resources which are attached via the overlay network). This further allows us to run the zero trust overlay network within applications/runtime environments that do not trust the underlying OS/bare-metal for distributed confidential systems. This is something OpenZiti can do today and which we are developing with several companies/providers.
    3. Research on how zero trust and SDP systems also require a smart routing mesh network to provide resilience across any underlying network (incl. internet, satellite, 4/5G, etc.) so that regardless of the underlay, we have a private overlay which picks the best path, from source to destination according to the best performance and lowest cost. Again, something we do today with OpenZiti and want/need to turn into the de facto standard that any solution should implement.


    ------------------------------
    Philip Griffiths
    Head of Business Development
    NetFoundry
    ------------------------------