Georgia Tech Faculty Explore Threats to Critical Infrastructure at Cybersecurity Conference

The inaugural Level Zero OT Cyber Security Conference gave attendees from across industries an opportunity to discuss ways to safeguard critical infrastructure

May 02, 2025 | By Maria Guerra
Two men giving a presentation at a cybersecurity conference.

Last month, cybersecurity professionals and experts gathered at Georgia Tech's Exhibition Hall to highlight industry advancements and address the complex challenges associated with securing cyber-physical systems. Over the course of three days, the Level Zero OT Cyber Security Conference, organized by (CS)²AI, drew around 300 participants who networked and gained practical knowledge by participating in breakout sessions, interacting in hands-on workshops, as well as attending expert-led presentations.

Among those invited by the Level Zero Conference organizers to share their insights were Saman Zonouz, director of the Online Master of Science in Cybersecurity (OMS Cybersecurity) Cyber-Physical Systems track, and Ryan Shandler, assistant professor of political science at the Georgia Tech School of Cybersecurity & Privacy. 

The two Georgia Tech researchers delivered an insightful and engaging presentation that centered on evaluating the vulnerability of key critical infrastructure sectors, including transportation, energy, and telecommunications. They provided attendees with a glimpse into their extensive study on how cyberattacks impact human behavior. 

Shandler, a behavioral scientist, discussed the psychological impacts of cyber threats and the innovative methodologies the research team is utilizing to examine this topic. One notable approach involves simulating exposure to cyberattacks by using fake newsreels to assess individuals' behavioral responses to threats aimed at destabilizing critical infrastructure systems. 

“People react very emotionally to cyberattacks,” he shared, noting that their research aims to develop strategies to bolster resilience against these threats. 

Zonouz and a team of Georgia Tech researchers recently discovered a way to identify numerous exposed programmable logic controllers (PLCs), which are critical components in industrial automation. “Our solution allowed us to identify 40 times more PLC devices that are unintentionally exposed online,” Zonouz noted, underscoring the urgent need for implementing measures to predict, prevent, and address cyber threats.

During their session, both experts outlined the methods they are employing to assess the impact of an attack, determine the vulnerability of each sector, and understand the threat dimension of the incident. They plan to develop a cyber threat risk modeling tool that maps threats to specific sectors and identifies those that are not only the most vulnerable but also the most appealing to terrorists. “The most vulnerable sector does not necessarily mean it’s the most valuable,” Shandler stated.