By Dr. Jarrod Sadulski | 10/01/2025
The terror attacks of September 11, 2001, brought to light the threats to critical infrastructure sectors in the United States. During the period of uncertainty following the attacks, a big concern was a potential attack on critical infrastructure systems.
Critical infrastructure in the United States includes many critical infrastructure assets, including:
- Financial services
- Emergency services
- Industrial control systems
Global economies and national defense depend on adequate critical infrastructure protection due to a broad threat landscape.
Post-9/11 Security Enhancements
Following the 9/11 attacks, homeland and economic security and securing our nation's critical infrastructure became a national priority. Government agencies and the private sector immediately began to enhance critical infrastructure protection. Through a national infrastructure assurance plan, they ensured that additional security was provided to:
- Nuclear power plants
- Major dams
- Government buildings
- Ports of entry
In addition, antiquated security protocols were revised. Critical infrastructure owners in the private sector partnered with the newly established Department of Homeland Security to implement a national infrastructure protection plan, which included updated emergency procedures and plans.
During this time, I was in the Coast Guard and stationed in Miami, Florida. It was an uncertain time because evolving cyber threats and other threats to critical infrastructure sectors were still emerging.
Maintaining Maritime Security and Port Protection
During my time in the Coast Guard, one of my maritime security responsibilities was cruise ship protection. It was called the Sea Marshal Program.
This program involved an armed team of Coast Guard members (including myself) meeting cruise ships as they exited international waters near Miami, Florida. We would come aboard and ride in the pilothouse (the captain’s deck) to ensure the ship remained in control of the captain and port pilots.
We also inspected cargo ships entering Miami. Our team would conduct a cursory check for:
- Weapons of mass destruction
- Stowaways
- Illicit drugs
In addition, port security involved conducting maritime patrols around Miami, Fort Lauderdale, and the Everglades. We ensured that no unauthorized boats or other watercraft could approach high-interest vessels or port facilities. Vessels carrying a large number of passengers and cargo ships carrying fuel or other hazardous materials were assets that required special protection.
We conducted port security patrols both day and night. Our team maintained a security perimeter around each port to ensure that no one could approach it with explosives.
The Sea Marshal Program team also provided security to a nuclear power plant called Turkey Point, located in southern Miami-Dade County. This assignment involved maritime patrols, who would investigate any suspicious activity near the power plant and to maintain a perimeter around it.
Nuclear power plants provide vital services that fuel our society. By providing physical security to the plant, we mitigated significant risks and increased national security.
Securing Critical Infrastructure from a Terrorist Attack
While protecting high-value industries and assets in critical sectors, I had the opportunity to be on the frontlines of critical infrastructure protection. It was shortly after 9/11 and during one of the highest national threat levels in my 26-year Coast Guard career.
While on patrol conducting port security around Miami, I received a report through the national “See Something, Say Something” anti-terrorism campaign. A tour boat captain reported that a passenger on his vessel was:
- Asking questions regarding national security
- Demonstrating suspicious behavior
I approached and talked with the passenger. He said he was an Afghan national residing in New York City, but he was visiting Miami.
However, one question he asked the tour boat captain was how close a jet ski could get to Miami before being intercepted by the Coast Guard and other law enforcement organizations. He also took some photos that weren’t typical tourist photos, such as the base of a bridge.
When I questioned him regarding his unusual behavior, this passenger provided conflicting statements and roused my suspicion. Due to the heightened threat alert and recent terrorist threats aimed at Miami, I detained the suspicious passenger until people from additional federal agencies could arrive.
The passenger was interviewed at the Port of Miami immigration office by different federal agency personnel for several hours. One of those federal agencies was the FBI.
On that day, the passenger was released but the FBI began an investigation the FBI. Shortly after returning to New York City, he attempted to purchase explosives from an undercover FBI agent with the intent of using a jet ski to attack the Port of Miami. He was arrested and the terror attack never happened.
This case was one of many successful cases that happened nationwide where intelligence sharing and interagency cooperation mitigated terrorist threats. However, threats to critical infrastructure continue to evolve, especially in cybersecurity.
Evolving Cybersecurity Threats
Cybersecurity is one of our biggest challenges that U.S. critical infrastructure faces. Cyber attacks can have devastating consequences on essential services and cripple critical infrastructure sectors such as:
- The drinking water supply system
- The electrical grid
- Industries in the financial services sector
- Public health and hospital systems
- Telecommunication systems
- Computer networks
- 911 dispatch centers and other critical services involving first responders
One major challenge to protecting U.S. cybersecurity is that a bad actor does not have to reside in the United States. Any hacker, anywhere in the world, can launch an attack, access sensitive information, and complicate investigations.
However, the Cybersecurity and Infrastructure Security Agency (CISA), which is part of the Department of Homeland Security, continually monitors for cyber threats. CISA utilizes technology to keep up with bad actors and cyber threats and to ensure network security.
This work includes the use of AI and other advanced technology to detect threats before such attacks occur. CISA also depends on private-sector stakeholders to maximize its cyber threat intelligence.
Potential threats can be monitored. Similarly, cyber threat information can be provided in real time to protect critical infrastructure sectors using operational technology (OT) systems such as:
- Gas pipelines
- Water and wastewater systems
- Information technology systems
- The energy sector
- The public health sector
Another challenge to our national infrastructure's public sectors is natural disasters and climate change. Hurricanes, tornadoes, and earthquakes can pose major challenges to cybersecurity by destroying power lines and server farms. Equipment failures and human error can also increase cyber risks and threaten the well-being of the public.
Collaboration and Information Sharing Is Vital
Protecting critical infrastructure requires coordination between government agencies, private stakeholders, and intelligence communities. Effective communication ensures that national and economic security threats are detected and addressed before they escalate.
Strong partnerships, supervisory control, and a mitigation plan can improve incident response and reduce the debilitating impact of an incident. In terms of strong partnerships, that cyber threat information must be shared among government and private stakeholders.
Updated cyber threat information can ensure effective protection. Cyber threat information should also flow among intelligence agencies and homeland security agencies.
To adequately protect critical infrastructure, the challenges must continue to be evaluated and mitigated. Small businesses can have a role in supporting law enforcement in their attempts to protect critical infrastructure by sharing information about potential threats. Anyone who suspects a threat to critical infrastructure should report it immediately to 911 or local law enforcement.
The B.A. in Homeland Security at APU
For adult learners interested in providing homeland security and guarding critical infrastructures, American Public University (APU) provides an online Bachelor of Arts in Homeland Security. Taught by homeland security professionals, this degree program features courses such as an introduction to homeland security and defense, border and coastal security, and intelligence and homeland security. Other courses include homeland security legal and ethical issues and critical infrastructure protection.
In addition, APU also offers an online undergraduate certificate in homeland security and an online graduate certificate in homeland security. These certificate programs are intended for students who wish to have a greater knowledge of homeland security without committing to a degree program.
For more details, visit APU’s homeland security degree program page.
Note: Completion of a certificate program does not award any professional certifications but may be helpful in preparing to earn such certifications.
Dr. Jarrod Sadulski is an associate professor in the School of Security and Global Studies and has over 20 years in the field of criminal justice. He holds a bachelor’s degree in criminal justice from Thomas Edison State College, a master’s degree in criminal justice from American Military University, and a Ph.D. in criminal justice from Northcentral University.
His expertise includes training on countering human trafficking, maritime security, mitigating organized crime, and narcotics trafficking trends in Latin America. Jarrod has also testified to both the U.S. Congress and U.S. Senate on human trafficking and child exploitation. He has been recognized by the U.S. Senate as an expert in human trafficking.
Jarrod frequently conducts in-country research and consultant work in Central and South America on human trafficking and current trends in narcotics trafficking. Also, he has a background in business development.