US cybersecurity experts discuss options in response to a staged cyber attack. Photo: Maj. Christopher Vasquez/DVIDS

Foreign-made tech is the new battleground in cybersecurity. Aging systems, AI-driven threats, and an expanding attack surface are leaving critical infrastructure exposed.

Hackers no longer rely on brute-force malware but slip in undetected, gathering intelligence and exploiting weaknesses.

With AI, supply chain risks, and foreign surveillance tech in play, securing infrastructure isn’t just important — it’s a national priority.

In this episode of Defense Disruptors, we sit down with Sean Tufts, Managing Partner at Optiv, to discuss evolving cyber threats, cybersecurity in the age of AI, and the silent threat of foreign-made surveillance tech.

Meet Sean Tufts, Managing Partner at Optiv. Photo: Optiv/provided

The Rise of Silent Cyber Threats

The cybersecurity landscape is undergoing a significant transformation, Tufts believes, with evolving threats to US critical infrastructure presenting rising risks.

The integration of legacy systems with modern security frameworks remains a key challenge, as outdated software platforms continue to create vulnerable gaps, making critical infrastructure prime targets.

Furthermore, hackers are ditching traditional malware for stealthier tactics. Tufts warns that a new wave of cyberattacks, originating from Southeast Asia, slips past defenses by exploiting known vulnerabilities rather than deploying detectable malware.

These threats live “off the land,” blending seamlessly into networks while quietly gathering intelligence.

These adversaries are not interested in ransomware or immediate financial gain but rather in prolonged surveillance and reconnaissance, Tufts explained.

“They want to listen, learn, and understand our infrastructure: how it works, what its dependencies are, and where its weak points lie,” he said, warning that the long-term implications of such surveillance efforts remain unknown but could be devastating in future conflicts.

Optiv addresses these challenges with a comprehensive cybersecurity approach, covering the full value chain — from advisory and technology to deployment and ongoing management.

The firm specializes in technology consolidation and rationalization, managed detection and response, cloud security services, AI security services, security operations center modernization, secure access service edge solutions, cyber risk management, and more.

Securing Critical Infrastructure: A Race Against Time

However, US critical infrastructure is riddled with vulnerabilities, so many that fixing them all is nearly impossible.

Tufts pointed out that operators often face thousands of critical security flaws (CVEs), making remediation a daunting task.

To cope, many organizations rely on “air gaps,” physically isolating systems from the internet. But Tufts warns this is a temporary fix. As modernization efforts advance, these barriers will come down, demanding smarter, more adaptive security solutions to stay ahead of evolving threats.

Isolating systems from the internet is a temporary solution. Photo: DC Studio/Freepik

Strengthening Cybersecurity Through Public-Private Collaboration

Protecting critical infrastructure isn’t a solo mission; it demands a united front.

Tufts underscored the need for stronger collaboration between the private industry and government agencies.

The top priority? Reinforcing cybersecurity fundamentals at scale.

Tufts also stressed the need for better intelligence-sharing between sectors, as supply chain vulnerabilities impact everyone.

“If a transformer manufacturer goes down, we have problems across the board. If the grid goes down, we all have problems,” he warned.

Closing these gaps means demanding stricter security protocols from suppliers and strengthening interdependencies before threats exploit them.

AI in Cybersecurity: Power and Peril

AI is transforming cybersecurity, rapidly identifying and neutralizing threats. But with great power comes great risk. Tufts warns that without strict governance, AI could expose sensitive data to unknown risks.

“We can’t just open the floodgates and dump all of our data into third-party AI applications without knowing where that data is going or how it will be used,” he cautioned.

Organizations must take a measured approach, he argued, enabling AI tools within carefully defined boundaries to harness their potential while keeping security airtight.

Cybersecurity in the age of AI: Hackers are evolving, and so must the defenses. Photo: DC Studio/Freepik

Foreign-Made Surveillance Tech: A Silent Threat

One of the most pressing cybersecurity concerns, Tufts warned, is the presence of foreign-made surveillance technologies, particularly Chinese-manufactured cameras and other networked devices.

While the US tightly regulates military tech, seemingly non-sensitive infrastructure, such as cameras, routers, and sensors, remains a weak point.

“If China can get real-time visuals on where we store munitions, where we are investing in new military technologies, and where we are moving troops and equipment, they can make highly strategic decisions that put us at a disadvantage,” Tufts said.

Without stricter oversight, these devices could be used for reconnaissance, paving the way for cyber and physical attacks, he warned.

Closing the Cyber-Physical Security Gap

To better defend against these threats, organizations must integrate their cyber and physical security teams, Tufts argued.

Cyber and physical security are too often treated as separate worlds, leaving dangerous blind spots, he noted.

He called for a unified approach where cybersecurity teams actively monitor physical security indicators, such as unauthorized badge access or suspicious activity on security cameras.

Additionally, he underscored the importance of maintaining accurate asset inventories, as many vulnerabilities stem from devices that organizations are unaware of.

“IP cameras have a nasty habit of sitting undetected on corporate networks,” Tufts said. He noted that simple vulnerability scans have revealed numerous unauthorized Chinese-made cameras in sensitive areas, emphasizing the need for stricter oversight and removal of such risks.
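The inventory point above is easy to operationalise: reconcile what a network scan actually finds against what the asset register says should be there, and flag anything unexpected, especially hosts exposing camera-style services. The script below is an added illustration, not code from Optiv or from the article; the approved inventory, the scan output, the OUI-to-vendor table and the vendor names are all constructed placeholders (the OUI prefixes are not real IEEE allocations), and the port heuristic (RTSP 554, ONVIF discovery 3702) is a common convention rather than anything the interview specifies.

```python
"""
Reconcile a network scan against an approved asset inventory so that devices
nobody registered (such as IP cameras) surface as findings.
Added example with constructed data; nothing here is real scan output.
"""
import ipaddress
from dataclasses import dataclass, field

# Constructed inventory: what the organisation believes is on this subnet.
APPROVED_INVENTORY = {
    "10.0.5.10": {"mac": "aa:bb:cc:00:00:10", "role": "workstation"},
    "10.0.5.11": {"mac": "aa:bb:cc:00:00:11", "role": "printer"},
    "10.0.5.12": {"mac": "aa:bb:cc:00:00:12", "role": "workstation"},
}

# Constructed OUI -> vendor table (placeholder prefixes, not real allocations).
OUI_VENDORS = {
    "aa:bb:cc": "ExampleCorp",
    "de:ad:be": "CamVendor-A",  # hypothetical camera manufacturer
}

# Services that commonly indicate a network camera: RTSP and ONVIF discovery.
CAMERA_PORTS = {554, 3702}

# Constructed scan output, one host per line: ip,mac,open_ports(;-separated)
SCAN_OUTPUT = """\
10.0.5.10,aa:bb:cc:00:00:10,22;445
10.0.5.11,aa:bb:cc:00:00:11,9100
10.0.5.12,aa:bb:cc:00:00:99,22;445
10.0.5.40,de:ad:be:01:02:03,80;554
10.0.5.41,de:ad:be:04:05:06,3702;80
"""


@dataclass
class Finding:
    ip: str
    mac: str
    vendor: str
    reason: str
    open_ports: set = field(default_factory=set)


def parse_scan(text):
    """Parse the simple CSV scan format into (ip, mac, {ports}) tuples."""
    hosts = []
    for line in text.strip().splitlines():
        ip, mac, ports = line.split(",")
        ipaddress.ip_address(ip)  # raises on malformed addresses
        hosts.append((ip, mac.lower(), {int(p) for p in ports.split(";") if p}))
    return hosts


def vendor_of(mac):
    """Look up the manufacturer from the first three octets of the MAC."""
    return OUI_VENDORS.get(mac[:8], "unknown")


def looks_like_camera(ports):
    return bool(ports & CAMERA_PORTS)


def reconcile(inventory, scan_text):
    """Return findings for unregistered hosts, MAC mismatches and stale records."""
    findings = []
    seen = set()
    for ip, mac, ports in parse_scan(scan_text):
        seen.add(ip)
        vendor = vendor_of(mac)
        entry = inventory.get(ip)
        if entry is None:
            reason = "not in inventory"
            if looks_like_camera(ports):
                reason += ", exposes camera-like services"
            findings.append(Finding(ip, mac, vendor, reason, ports))
        elif entry["mac"].lower() != mac:
            # Same address, different hardware: the record is wrong or reused.
            findings.append(Finding(ip, mac, vendor, "MAC differs from inventory record", ports))
    # Registered assets that did not answer the scan are stale records worth checking.
    for ip, entry in inventory.items():
        if ip not in seen:
            findings.append(Finding(ip, entry["mac"], vendor_of(entry["mac"]),
                                    "in inventory but not seen on network"))
    return findings


if __name__ == "__main__":
    for f in reconcile(APPROVED_INVENTORY, SCAN_OUTPUT):
        print(f"{f.ip:<12} {f.mac}  {f.vendor:<12} {f.reason}  ports={sorted(f.open_ports)}")
```

Run against the constructed data, this reports two unregistered hosts with camera-like services and one workstation whose MAC no longer matches its record. In practice the scan input would come from an authorised discovery tool run on the organisation's own networks, and findings would feed a ticketing or SIEM workflow rather than stdout.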

A Call to Strengthen Cyber Defenses

As cyber threats evolve, Tufts urges organizations to shift from reactive to proactive security.

Increased investment in cybersecurity, tighter public-private collaboration, and stricter scrutiny of foreign tech in critical systems are essential steps.

“We are at a critical juncture where our adversaries are watching and learning,” Tufts concluded. “If we don’t take immediate action to secure our infrastructure, we risk falling behind in an increasingly volatile cyber landscape.”
