- Pro
Examining why cybersecurity is fundamental for the public good in society
Comments (0) ()When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
(Image credit: Thapana Onphalai via Getty Images)
The concept of a public good has long recognized in philosophy and economics. Famous thinkers from Aristotle to John Rawls have all argued that goods which sustain individual and societal welfare must be collectively protected.
Traditionally, a public good is defined as non-excludable, meaning no one can be denied access, and non-rivalrous, where one person’s use does not diminish another’s. This traditionally includes clean air, safe drinking water, and public safety.
- Amazon Black Friday deals are live: here are our picks!
-
Creating a cyber-first culture through strategic governance
-
Protecting productivity: the imperative of cybersecurity in manufacturing
-
When chaos is the goal, resilience is the answer
General Manager, EMEA, Claroty.
Examples such as HVAC systems in libraries and building management systems in schools are all unseen technologies which form an invisible layer of civic infrastructure.
When governed well, they quietly enable continuity and safety. However, when compromised, they can undermine the very public goods they are meant to protect.
If CPS are now part of the public good, governments must govern them with the same diligence as water, health, or safety. This requires moving towards building frameworks that treat CPS risk as a societal concern, not just a technical one.
How does the threat landscape really affect people’s lives?
Public conversation about cyberattacks far too often reduces them to terms of financial losses. Of course, the numbers do matter - Claroty found that 45 percent of critical infrastructure professionals reported financial impacts of at least half a million dollars from CPS-related attacks. But for the public, the deeper issue isn’t financial, it’s societal and human.
Are you a pro? Subscribe to our newsletterContact me with news and offers from other Future brandsReceive email from us on behalf of our trusted partners or sponsorsBy submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.When CPS disruptions impact critical national infrastructure, communities lose much more than money. Attacks on power grids can deny entire populations access to electricity or clean water. If a transport system goes down, there’s an increased risk of catastrophic accidents.
In healthcare, attacks could lead to delayed access to care and lives quite literally placed in jeopardy. Look at the 2024 Change Healthcare cyberattack; it disrupted countless hospitals across the US and showed just how easily CNI attacks can shake society to its core.
These social impacts are not felt evenly, and research from the University of Tennessee has shown that the most vulnerable members of society are the ones who suffer the most.
You may like-
Creating a cyber-first culture through strategic governance
-
Protecting productivity: the imperative of cybersecurity in manufacturing
-
When chaos is the goal, resilience is the answer
People living in disadvantaged areas are often exposed to multiple risks at once and have fewer resources to cope with disruption. This makes the responsibility on local governments even more important.
What does it take to move from reactive fixes to proactive resilience?
The key is governance. Strong governance transforms passive detection into actionable protection. This demands security to be framed as a matter of leadership rather than an afterthought left with IT management teams.
A central part of effective governance is conducting due diligence. Organizations must be able to identify any weaknesses or oversights and understand risks in order to reduce them to manageable levels.
This kind of ongoing assessment makes it possible to share risk information with decision makers and ensures policies are based on reality rather than assumptions. Approaches such as Zero Trust, which continuously verify access can help maintain control in environments where speed and precision are essential.
The core to resilience is really down to visibility. There’s no excuse to struggle to answer basic questions such as “what assets do we own?” or “how exposed are they?” Without answers, governance cannot mature. Resilience requires continuous discovery of assets and risk information so that CPS protection is shared rather than trapped in silos.
Cooling centers are one emerging example. As global temperatures rise, these are becoming vital public services. Delivering them responsibly means designing and governing them in a way that accounts for human impact and embeds resilience from the start. Only then can their availability, and the public good they represent, be reliably assured.
What blind spots are most dangerous in CPS today?
A challenge for security is the complexity of modern IT infrastructure. Organizations must manage both IT and OT environments. Many operational devices were never designed with cybersecurity in mind yet are increasingly connected to the internet and exposed.
Traditional internet security tools cannot handle this complexity. OT devices often rely on proprietary protocols or specialized operating systems which make them attractive targets for ransomware and other attacks.
The only realistic solution is CPS-specific cybersecurity. That begins with visibility to know exactly what devices are connected to what networks. Asset management software can build a complete inventory so that no device is overlooked. Once this is in place, strategies such as exposure management and secure access can be applied in ways that reflect the unique challenges of CPS environments.
How can local leaders turn CPS security into public trust?
For leaders, treating CPS governance as a public good allows them to safeguard not just systems but also community confidence. Citizens rightly expect governments to ensure clean water, reliable healthcare, and public safety. Increasingly, they will expect the same for the digital systems that sustain daily life.
That means treating CPS as part of the service lifecycle. It also means ensuring protection is not siloed but shared across agencies so that there’s accountability in every layer of governance.
In an era of global unrest, this becomes even more urgent. State-backed adversaries are targeting CPS not only for financial reasons but also to disrupt public order. That makes early detection and real-time situational awareness essential.
When leaders are transparent about these efforts, they send a clear signal that essential services are being defended with the same care and responsibility as other public goods.
Why must CPS governance be treated as essential?
Cyber-physical systems are no longer invisible or secondary. They are public goods that are directly tied to the wellbeing of society. Disruption not only erodes trust but also deepens inequality and threatens safety.
State and local governments for all nations have both the responsibility and the opportunity to lead the way. By embedding governance, visibility, and CPS-specific resilience into the management of CNI, they can protect not only operations but also the trust and stability of the communities they serve.
Check out our feature on the best software asset management (SAM) tools.
TOPICS AI
Andrew LintellSocial Links NavigationGeneral Manager, EMEA, Claroty
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
Logout Read more
Creating a cyber-first culture through strategic governance
Protecting productivity: the imperative of cybersecurity in manufacturing
When chaos is the goal, resilience is the answer
Why every CISO should demand a comprehensive Software Bill of Materials (SBOM)
Cybersecurity: the unseen engine of the UK’s digital future
When prevention fails: the case for building cyber resilience, not walls
Latest in Pro
Best portable projector of 2025
Need an eSIM but not sure which one to buy? I have the perfect Black Friday eSIM deal for you
Take extra care shopping for Black Friday deals - experts find thousands of fake websites looking to steal your details
Microsoft Teams guest access could let hackers bypass some critical security protections
Many of us aren't confident we could spot a fake website this Black Friday - so be on your guard
Print security means business security: protecting data across the physical-digital boundary
Latest in Opinion
Windows 10 adoption is stalling, so Microsoft must fix a major issue
The Commodore 64 is back on the production line for the first time in 30 years – and I want it, even if it makes zero sense
Amazon blocks ChatGPT shopping agent – what the fallout could mean for you
The new code war: Cold War paranoia meets cyber conflict
The war on trust: how AI is rewriting the rules of cyber resilience
Sam Altman wants his AI device to feel like 'sitting in the most beautiful cabin by a lake,' but it sounds more like endless surveillance
LATEST ARTICLES- 1What are the best Bluetooth speakers money can buy? I’ve tested more than 30 models, and these are my top picks for every budget
- 2Best portable projector of 2025: Tested for streaming and presenting on the go
- 3The best robot vacuum 2025: top robovacs to keep every home dust-free
- 4Everything new on Disney+ in December 2025: Percy Jackson season 2, Taylor Swift: The End of an Era, and more
- 5The Legend of Zelda Movie: everything we know so far about the new Nintendo movie (release date, cast, and more)
