COLUMBIA, Md. -- More than 200 security and infrastructure cybersecurity experts gathered at the Technology Advancement Center in Howard County for the nation’s first state-led critical infrastructure cyber workshop, Aug. 26–28, 2025.
The Maryland Critical Infrastructure Cyber Resilience Workshop, which focused on the water and wastewater sector during the three-day event, was co-organized by the Office of the Under Secretary of Defense for Acquisition and Sustainment Cyber Warfare Directorate, the Maryland National Guard, and the state of Maryland.
The workshop brought together representatives from the Department of Defense (DoD), state and federal agencies, water utility providers, and private-sector partners. The first two days featured collaborative discussions, while the final day included a cyber tabletop exercise led by the Maryland National Guard.
According to Mr. John Garstka, Office of the Under Secretary of Defense (Acquisition and Sustainment) Cyber Warfare Director, the workshop and the cyber tabletop exercise allowed participants to concentrate on building the robust partnerships required to secure critical infrastructure.
“Increasingly sophisticated cyber-attacks demand a shift in how we think and advocate for resources to cyber harden our critical infrastructure” said Garstka. “We can no longer just address cyber pirates; we must deter and restrain motivated nation-state actors. Collaboration of federal, state, and local agencies along with the private sector allows us to multiply our efficacy and direct our resources to more effectively increase cyber protections for our critical infrastructure.”
The workshop and the cyber tabletop exercise allowed multiple levels of the government, military, academia, and industry partners within Maryland to improve the collective cyber resilience posture of the water and wastewater critical infrastructure sector.
The goal of the event, which is the first-time the DoD directly collaborated with a state National Guard for this kind of workshop, was to strengthen partnerships between government and industry, share lessons learned, and determine a path forward to support the State-Federal Unity of Effort on Cybersecurity.
“We are laser focused on protecting the people of Maryland not just from natural disasters but all homeland threats,” said Maryland Army National Guard Maj. Gen. Janeen L. Birckhead, adjutant general for Maryland. “By hosting this first-of-its-kind workshop, Maryland is leading the way in showing how state, federal, and private partners can come together to protect critical infrastructure and strengthen national security.”
The pilot program highlighted the National Guard’s dual role in supporting both national defense and local communities of their state or territory.
The workshop established a collaborative ecosystem for improving cyber risk management across multiple stakeholders. The key objective was to share practical information that enables utility companies to reduce cyber vulnerabilities through achievable cyber hardening practices. Due to the DoD reliance on commercial critical infrastructure, creating shared values that enhance national security objectives is essential for the future of DoD’s warfighting capability and attainment of national security objectives.
As cyber threats grow more frequent and sophisticated, officials say protecting critical infrastructure requires a proactive, risk-based strategy. The strategy includes investing in threat intelligence, stronger security controls, and skilled cybersecurity professionals to safeguard systems and reduce the impact of potential breaches. Adequate resources must be prioritized to strengthen key networks, minimize disruptions, and ensure essential services continue.
“Cybersecurity is no longer just an IT issue—it’s a public safety issue. Water is the one utility we all consume every single day, and that makes it a prime target for cyberattacks,” said Maryland State Senator Katie Fry Hester, District 9. “With SB 871, Maryland became the first state in the nation to pass a comprehensive water cybersecurity law, but we know we can’t do this alone. This workshop with the Department of Defense, the Maryland National Guard, and our state agencies is about building the partnerships we need to protect not just military installations, but the families, businesses, and communities that rely on safe, secure water every day.”
About Maryland National Guard:
The Maryland National Guard is a dual-status force with a federal mission to provide a combat reserve for the U.S. Army and U.S. Air Force to fight the nation’s wars and a state mission to provide a response force for the state of Maryland and protect the homeland. The Maryland National Guard is made up of approximately 6,000 Soldiers and Airmen who are well-trained and equipped to deploy overseas and keep their communities safe at home by remaining “Always
Ready, Always There.”
About OUSD(A&S)’s CWD:
The Cyber Warfare Directorate (CWD) is a part of the Platform and Weapon Portfolio Management Office in the OUSD(A&S) and conducts capability portfolio management for cyberspace operations, conducts mission‐level cyber risk assessments in support of Joint Staff, Services, and Combatant Commands, and integrates findings into relevant Integrated Acquisition Portfolio Reviews. CWD is OUSD(A&S) lead for weapon systems cybersecurity.