In 2021 Colonial Pipeline demonstrated US vulnerability to hacking networks, paying over $4 million (75K in Bitcoin) to a Russia-based organization after shutting down operations ... to regain access to data (the US government later recovered about half of that ransom).
How can the United States government... and, indeed, multinational corporations with a global footprint... address this risk? While guaranteeing security against all future attacks isn't possible, we believe a cloud-based "3-Domain Architecture" can improve security of data, computing and energy systems.
Recent comments suggest "zero trust" has fallen from the talking point attention it once had. That said, development processes, secure behaviors (that help avert "social engineering" attacks) and examination of supply chains (security testing of those components prior to final ship -- of product -- to customers) remain key to maintaining maximum security and avoiding loss to ransomware or other cyber attack.