- Critical infrastructure defense is hindered by fragmentation across private owners, local governments, and federal agencies, creating gaps that adversaries exploit across physical, cyber, and informational domains.
- The threat landscape is expanding and becoming more accessible, with rising cyber vulnerabilities, commoditized nation-state tools, and increasing pressure on election infrastructure through both technical attacks and human intimidation.
- Effective protection now depends on integrated, cross-domain intelligence sharing and pre-established coordination, as adversaries increasingly aim not just to cause damage but to erode institutional trust and societal resilience.
The panel “Protecting Critical Infrastructure in a Multi-Domain Threat Environment” at Homeland Security Today’s 2026 Counterterrorism Summit addressed how to defend critical infrastructure against an increasingly complex, multi-domain threat landscape.
Moderated by Kelly Murray, professionals including Kawika Lau, Tina Barton, Dennis Alexander, Brett Walkenhorst, and Joshua Sinai demonstrated that the threat environment has become too fast, too distributed, and too interconnected for any single agency, sector, or discipline to handle alone. The need for coordination and cross-domain awareness was underscored, as adversaries are growing faster, more coordinated, and better equipped than the systems designed to stop them. In an era when adversaries increasingly exploit institutional gaps across the physical, cyber and informational domains, the protection of critical infrastructure has become a central pillar of counterterrorism strategy in 2026 and beyond.
The panel converged on a central argument: the primary vulnerability of critical infrastructure is the fragmentation of the defensive system itself. 80% of critical infrastructure is privately owned, and the remainder is managed by under-resourced local governments, which affects accountability and standards and conditions that adversaries actively exploit.
Panelists showed that the attack surface is expanding across every domain. On the technical front, 2025 alone saw a 27% increase in new wireless CVEs, including cases such as Russian APT attacks, the commoditization of nation-state spyware tools, and drone deployments at polling places using First Amendment auditor tactics.
Election infrastructure has emerged as an acute pressure point: beyond technical vulnerabilities, frontline officials face an intensifying human threat, with 250 bomb threats in 2024 and 38% of election officials threatened or harassed. Smaller and more rural jurisdictions have been disproportionately affected due to their limited resources.
At the analytical level, a gap has been identified in how institutions process threat intelligence. Behavioral, financial, and digital indicators rarely surface within the same system or at the same time, leaving connections unmade until it is too late.
The intelligence needed to prevent attacks already exists; what is missing is a cross-domain architecture to integrate it.
Speakers consistently reached the same conclusion: the objective of adversaries, whether foreign state actors, domestic extremists, or cybercriminals, is not necessarily destruction but chaos. The strategic goal of these actors is the erosion of public trust in institutions, making resilience and coordinated response not just operational priorities but national security imperatives.
One major takeaway is that fragmentation is the vulnerability of the current security landscape, not its product. The disconnect among private owners, local government, federal agencies, and sector-specific defenders creates the exact conditions adversaries need to operate undetected and unchallenged.
Relationships and protocols must be established before a crisis arises, not during one. The panel underscored that whether coordinating among election officials and law enforcement or integrating available pre-indicators, the infrastructure of trust and communication is as critical as any technical defense.
A critical emerging trend is the commoditization of nation-state-level capabilities, with tools and tactics, such as spyware, now accessible to a broader range of threat actors. This significantly lowers the barrier to entry for high-impact attacks.
Risk management remains underapplied across institutions, with most organizations responding to threats reactively rather than calculating risk. The panel highlighted that this leaves them without a clear threshold for acceptable damage and for how to prioritize accordingly.
The ultimate goal of creating chaos reframes the defensive mission toward resilience and the ability to maintain public trust under pressure. As speakers clearly stated, this aspect is as strategically important as prevention.
The panel has effectively delved into the intersection between counterterrorism trends and infrastructure protection, underscoring the necessity of a different approach.
Threats were described as fundamentally adaptive and nonlinear, with an increasing ability to exploit institutional gaps. The use of AI is a multiplier for scaling threats, ranging from wireless to disinformation, underscoring the necessity of an approach grounded in integration as a baseline requirement. The cost of inaction is not just operational failure but the erosion of democratic resilience itself.
