November is National Critical Infrastructure Security and Resilience Month — a time designated by the U.S. Department of Homeland Security to recognize and reinforce the importance of protecting the systems and assets that underpin our nation’s economy, security, and daily life. Yet discussions about infrastructure resilience often remain abstract. In truth, the risks are tangible, the interdependencies real, and the potential consequences profound.
Energy Sector
According to the Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER) data, the U.S. power grid faces thousands of cyber intrusions annually. A 2024 Government Accountability Office (GAO) report found that energy infrastructure remains vulnerable to both physical and cyber threats — from ransomware to aging transmission lines. The 2021 Colonial Pipeline attack was a stark reminder that a single breach can disrupt the flow of fuel to millions. Strengthening grid cybersecurity, modernizing transformers, and building redundancy in supply chains are essential investments.
Water and Dams Sector
More than 90,000 dams across the U.S. provide flood control, irrigation, hydropower, and recreation. The Association of State Dam Safety Officials (ASDSO) estimates that more than 2,300 of these are considered ‘high hazard’ and in poor condition. The 2020 failure of Michigan’s Edenville Dam displaced 10,000 residents and caused more than $200 million in damage. Federal funding through FEMA’s High Hazard Potential Dam Grant Program is improving assessments, but many state agencies still lack the resources to complete critical repairs.
Transportation Systems
Transportation systems — highways, bridges, ports, and rail — are the physical veins of our economy. The American Society of Civil Engineers (ASCE) gave U.S. roads a D grade in its 2021 Infrastructure Report Card, noting $786 billion in backlogged repairs. Airports and rail networks face similar strains. The 2023 FAA outage that grounded flights nationwide was traced to a corrupted database file — a small error with massive consequences. Investment in resilient digital infrastructure and interagency coordination remains key.
Communications
The backbone of emergency response and modern commerce, the communications sector is increasingly vulnerable to natural disasters and cyber incidents. Wildfires in Hawaii and hurricanes along the Gulf Coast have repeatedly taken down cellular networks, complicating rescue operations. The FCC’s Disaster Information Reporting System (DIRS) has improved data-sharing, but redundancy and backup power for cellular towers remain uneven nationwide.
Healthcare and Public Health
The COVID-19 pandemic exposed fragility in healthcare infrastructure — from supply chains to data systems. Hospitals rely on steady power and communications links and cyberattacks against medical facilities have surged. The Department of Health and Human Services (HHS) reported a 93% increase in large healthcare data breaches from 2018 to 2022. Modernization and cross-sector coordination with emergency management must continue to evolve.
These examples are just a few of the many critical infrastructure sectors, each with their own unique challenges. Protecting our critical infrastructure is not just a federal responsibility. State, local, and private sector partnerships form the backbone of national resilience. The systems we rely on — for power, water, movement, communication, and health — are only as strong as the attention and investment we dedicate to them. In a month devoted to awareness, it’s time to replace generalities with action.
Dan Stoneking is the Owner and Principal of Stoneking Strategic Communications, the Author of Cultivate Your Garden: Crisis Communications from 30,000 Feet to Three Feet, the Founder and Vice President of the Emergency Management External Affairs Association, and an Adjunct Professor in the Communications Department at West Chester University.