How to know if the infrastructure bill is actually working – Protocol

admin on April 24, 2022 Leave a Comment

Good afternoon! It's been more than five months since President Biden signed the Infrastructure Investment and Jobs Act into law, so we asked the experts to look at how the rollout was looking and the best ways to measure its efficacy. Want more on the infrastructure bill? Protocol's Issie Lapowsky hosted a panel today about what to expect next.

Senior Vice President at Booz Allen Hamilton

In 1954, the Eisenhower Administration referred to the $175M down payment on the National Highway System as a good start. Two years later, Congress authorized $27B to launch nationwide efforts to construct one of Americas greatest achievements. In November 2021, President Biden signed the $1.2T infrastructure bill, the first significant down payment of modernizing a now aging infrastructure with 21st century technologies. A good start.

But how will we know its working and creating bipartisan support to finish the job as the National Highway System did? Its important to examine three long-term indicators that will foreshadow the degree to which we transform our infrastructure.

First, will states emerge as laboratories of innovation or just spend the money? In areas like alternative energy and electric vehicle adoption, we already see promising signs of states taking novel approaches and forming intriguing partnerships to spur innovation.

Second, will private industry invest heavily now or wait on the sidelines? When the Affordable Care Act was passed, for example, Congress appropriated $10B for innovative health pilots. But the market signal it sent generated a wave of large-scale industry investment, triggered market shifts, and stimulated innovation. Will a similar pattern emerge with infrastructure?

Third, will technology adoption accelerate or stagnate? In the automotive industry alone, EVs, AVs, and even UAVs could disrupt business and regulatory models and produce unpredictable advancements and consequences. The adoption curves shape over the next five to eight years will tell us much about the success of this down payment.

Tweet this.

Senior Fellow and Director of the Center for Technology Innovation at The Brookings Institution

The Infrastructure Investment and Jobs Act (IIJA) is primed to place a large down payment on the equitable deployment and adoption of affordable, high-speed broadband. If implemented, it will guarantee that no child nor community in America will be left offline ever again. But to determine its success, two factors should stay top of mind: the details of new broadband network deployments, and the percentage of Americans fully benefitting. The former may appear easy but may require some flexibility in how new networks are accounted for, including an approach that incorporates opportunities for novel technologies like 5G fixed wireless, as well as enhancements to existing network infrastructure. The latter will require metrics from states and other local stakeholders that provide data on local technology adoption and use. These should be made public to enable research and accountability from interested parties. Right now, many public and private sector leaders are focused on getting the monies allocated in accordance with legislative goals and timelines, but success will not come in the sole review of balance sheets. Rather, how human capital will be enhanced by these opportunities also matters and may take longer to determine. That is why ensuring that NTIAs Office of Internet Connectivity and Growth must expediently provide the nation with public landscape analyses on both broadband deployment and digital equity progress. Without knowledge of where the U.S. is starting on these key issues, it will be impossible to determine whether IIJA has succeeded or failed.

Tweet this.

President at the Information Technology and Innovation Foundation

The clearest indicator of success for the infrastructure bill will be a lot more infrastructure built in a cost-efficient and timely manner. However, the as intended question complicates things, as many progressive members of Congress did not intend for the bill to expand Infrastructure. For example, there is a risk that anti-road progressives will limit funding for expanding road and bridge capacity and instead focus on repair.

In the case of IT-related infrastructure, the metrics of success should be clear. For broadband, this means bringing up the percentage of households served by at least one fixed provider to around 98 percent. Trying for 100 percent would waste money. The last few percent are better served by low-earth-orbit satellite broadband. The way to achieve this goal is to limit broadband overbuilding: funding new networks in places with adequate broadband. And adequate broadband should be defined reasonably: no more than 100mbs down and 10 up.

Success also means widespread deployment of 5G networks to most places people live and regularly travel (e.g., along the Interstates).

If there is any money left over after building networks in unserved places, it should be spent helping low-income households adopt broadband and gain digital skills.

Finally, achieving these goals will be much harder if the administration insists on applying Buy America provisions on the IT components of infrastructure builds. ITIF estimates that this would raise IT costs by approximately 25 percent. By definition, this means less infrastructure being built.

Tweet this.

CEO and Co-founder at Illumio

From a cybersecurity standpoint, all eyes are on how organizations will respond to President Bidens Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). The bill is significant in that it requires multiple sectors to report material cybersecurity incidents and ransomware payments within 72 and 24 hours, respectively to CISA.

If the bill works as intended, we can first expect to see more organizations across industries (from FinServ to agriculture) disclose cybersecurity incidents to CISA in a timely manner. This will lead to increased information sharing between public and private sectors, which will help us better understand imminent cyber threats.

This knowledge is key to helping organizations strengthen their defenses against cyber criminals and safeguard critical infrastructure.

If security decision makers take this bill seriously, we should also see more federal agencies and organizations taking proactive steps to bolster cyber resilience by shoring up their mission-critical assets: backing up data, practicing incident response plans, and segmenting networks.

The federal governments continued emphasis on cyber as a national imperative is a step in the right direction. Although it may take time for us to reach national resilience, its important to remember that decisive action is a win and any action beats entropy. Our attackers never stop, and its our mandate to push forward during this critical time.

Tweet this.

Global General Manager, IOT Cities & Transportation Solutions at Intel

The IIJA is a once-in-a generation bipartisan law that will provide hundreds of billions of dollars to upgrade and modernize U.S. transportation systems and physical infrastructure as well as expand broadband internet access and digital infrastructure. It is also an opportunity to rethink how these upgrades are approached and the value digital technologies can bring to transform our infrastructure, making it more resilient, innovative, and efficient and providing more value to our communities, municipalities, and states.

The digital revolution is already here transforming the way we live, work, and communicate. Smart infrastructure is a key part of this revolution. In todays knowledge-based society, we must think about infrastructure differently. Its not just concrete and steel, its also the digital components that can help make our roads, skies, waterways, and airways safer, cleaner, and more efficient. In effect, physical and digital infrastructure go hand in hand one cannot exist without the other.

Learn more.

Tweet this.

Area Vice President, U.S. Public Sector, State, Local Government and Education Markets (SLED) at Cisco

Regarding the IIJAs broadband provisions, success depends on federal agencies, state and local governments, community leaders, and private companies coordinating effectively so that all Americans have access to the connectivity necessary to succeed in a digital economy. Capturing the full picture of the digital divide in the United States is crucial, and accurate FCC-led mapping of unserved and underserved areas is central to making sure funding is going to struggling communities. As the true conveners of broadband infrastructure, state and local governments must navigate the needs of the community with available funding and solutions to achieve meaningful impact. These federal funds should also seed investments of private capital from ISPs and equity firms to make sure that there is a long-term solution increasing broadband access.

The IIJA aims to use unprecedented infrastructure investment to boost domestic manufacturing and provide quality jobs for American workers. In the case of high-tech broadband equipment, onshoring of manufacturing will be a multi-year process impacted by numerous factors affecting global supply chains. A clear indicator of success will be whether urgently needed broadband investment is allowed to proceed in parallel with the shift to increased domestic manufacturing.

Finally, we must move beyond the same old solutions to the same old problems. Beyond broadband, a strong indication of success will be strategic investments in operational technologies that support and secure our nations roadways, water systems, subways, pipelines, and utilities. Investments that include technology can lead to more sustainable, affordable, and secure solutions for years to come.

Tweet this.

Senior Vice President of Americas & Public Sector at Splunk

When it comes to our nations security, there are several provisions focused on tying physical infrastructure to its corresponding vulnerabilities. These sections of the bill showcase that cybersecurity is more important than ever and the ultimate indicator of the bills success is our investment in it. First, we must ask ourselves if we are funding for true success. Are we able to secure the tools, talent, and frameworks that allow for agility and innovation? Are we bringing the right talent together through expanding jobs and increased public/private partnerships to disseminate information and best practices?

We must use measurable data to ensure the provisions in the infrastructure bill are creating a lasting impact. For example, we must see the adoption of more automated solutions, like SOAR and SIEM, specifically for securing critical infrastructure; the growth of public/private partnerships across essential sectors of infrastructure at the state and local levels; and the implementation of zero-trust & DevSecOps operational capabilities. Providing agencies with the proper amount of funding - down to the state and local level - to implement these strategies and tools is vital in meeting the bills goals. However, without measuring the investment in these areas, we wont truly be able to assess if the infrastructure bill is working for increasing our cybersecurity posture and resilience.

Tweet this.

Senior Vice President and Acting General Manager of Operations and Security Services at the Center for Internet Security

In cybersecurity, it is often not what you see but what you dont see, or hear about, that offers the best indicator of success. The bipartisan Infrastructure Investment and Jobs Act invests almost $2 billion over the next four years to help defend our nation against cyberattacks intent on disrupting and endangering our hospitals, schools, water systems, energy sources, and other critical infrastructure. Much of that investment is focused on state and local governments down to rural areas, where the cyber risk has proven significant while resources to defend against it are limited.

The first indication of success may well be that we, as a nation, have recognized the enormous need of state and local governments. Until now, the U.S. government has primarily funded cybersecurity efforts to protect federal networks and systems with few exceptions so the acknowledgement that the cybersecurity deficit within state and local government is a national security issue is a major step in the right direction.

At the Multi-State Information Sharing and Analysis Center (MS-ISAC), we assess the cybersecurity maturity of state and local governments through the Nationwide Cybersecurity Review (NCSR). Our assessment focuses on cyber maturity in key areas ranging from implementing technical security controls to user awareness training. A key indicator of success for this grant program will be year-over-year increases to the maturity assessments of organizations participating in the NCSR.

Cybersecurity is a race without a finish line. We know it is impossible to defend against every conceivable threat and our goal is not to achieve perfect protection. Using these funds, we encourage state and local governments to drive decision making through risk management, ensure the involvement of executive leadership and governing bodies, and collaborate with others to make the most effective use of these funds. It may just be what were not hearing aboutmassive data breaches or ransomware incidents among local governmentsthat proves federal money has been well spent.

Tweet this.

Chief Strategy Officer and CISO Advisor at Sectigo

The Infrastructure Investment and Jobs Act has within it language that outlines improvements to cyber resiliency including $2 billion allocated towards state and local cybersecurity as it relates to critical infrastructure. While this is indeed much-needed funding towards cyber resiliency and protection, there must be increased funding considerations for the future. The measures outlined in the bill are a good step forward, however, the intricacies of cybersecurity and infrastructure are complex, and it may be some time before we can determine the benefits of this legislation. We cannot rely on tech if we dont understand the risks associated with it, especially when it comes to cyber threats to national-security and critical infrastructure which we saw firsthand with SolarWinds.

Importantly, the White Houses plans to bolster cyber education and critical infrastructure resilience should implement identity and cybersecurity solutions that are hand-in-hand with interoperability and openness. Though, ultimately, we need a Zero Trust security approach, which President Biden and his administration have put more of an emphasis on as outlined in their overall cybersecurity strategy. Ensuring that his priorities are intertwined with varying policy initiatives is especially critical and an opportunity for local, state and the federal government to work together and will help determine if the legislation is impactful and is working as intended.

Tweet this.

Original post:
How to know if the infrastructure bill is actually working - Protocol

Related Posts
Posted in Internet Security

Comments are closed.