From the Most Visible to the Less Apparent

• By S. Guerry Bruner
• Mar 03, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) states “There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, and national public health or safety or any combination thereof.”

Of the ones CISA lists people are likely most concerned about communications, information technology (IT), emergency services, healthcare, energy, financial services, transportation systems and commercial facilities such as sports and entertainment venues.

After all, these tend to be the sectors we personally rely on most or frequent regularly. They’re also among those we instantly hear about whenever there’s breaking news surrounding a cyberthreat, natural disaster, attack, or other disruption.

Manned and Unmanned
Critical infrastructure facilities can be staffed or unmanned. Manned locations include airports, data centers, and hospitals that have readily visible onsite security staff and video surveillance cameras, as well as added monitoring technology and robust access control protocols.

These sectors often fortify perimeters with sturdy yet attractive bollards and fences to deter vehicle intrusions. In the case of enterprise and collocation data centers, reinforced concrete exteriors and storm-rated doors can also be common depending on data sensitivity and whether sites are prone to natural disasters and other factors. Even with hardened spaces and robust screening, there is always the possibility of security gaps that need to be filled.

The healthcare industry, for instance, has been forced to add more stringent steps to counteract the costly ransomware and cyber-attacks they have experienced in recent years. While rare, these events are extremely serious. Healing environments are complex enough without added security issues. Addressing these challenges is essential to assuring well-being and confidential information are never compromised.

Measures and technologies for safeguarding critical infrastructure range from the obvious like guards, cameras, and scanning equipment to more discreet solutions like user-friendly access credentials for individuals.

Take advanced door security solutions which are crucial to the safety of crewed and unmanned sites alike. Electronic access control, for example, now includes easy-to-use biometrics like facial identification and mobile credentials for reliable authentication. Both provide robust security.

The same goes for innovations in intelligent key and lock systems that are being deployed to better protect the openings of a wide range of remote unmanned critical infrastructure, including facilities for power generation and water quality, and equipment for maintaining traffic flow.

Most people driving our roads do not give much thought to how traffic lights function. Nor do they likely notice the big cabinets at every intersection that house sophisticated equipment for the signals. These expensive electronics not only control the lights, but they also connect to and transmit data over a statewide communications network – infrastructure that could be seriously breached if these cabinets are easy to break into or inadvertently left unlocked.

What might come as a surprise is how doors on these cabinets are still latched with a standard mechanical lock and key, just like they have been for decades. These obsolete locks are still vulnerable to being compromised and have keys that are more likely to be lost or fall into the wrong hands without a trace. It doesn’t take much to imagine the potential havoc that could unleash.

The good news is more U.S. departments of transportation are switching to intelligent cylinder locks and keys for control cabinets. Products like Medeco XT, for example, are simple to retrofit and easy to program through web-based software to grant, revoke and schedule access.

Although the XT lock is offline, software can connect to the intelligent key either physically or by BLE to generate audit reports for verifying which technicians or contractors have accessed a cabinet as well as its lock status history.

Learn how well this solution is working for the Virginia Department of Transportation.

Solutions like HES 630REL Series powered locks go a step further by featuring online connectivity to check a cabinet’s lock status in real time and a motor drive for instant remote locking if necessary.

Some state DOTs also have hub stations, which could be considered mini-data centers. These are usually 20’ x 20’ unmanned buildings with server racks and network gear that connect to various traffic cabinets in a region. Their remote locations also require solutions like those from

HES, not only for a building’s exterior locks but also for the server racks inside.

Just as vital are unmanned power generation and distribution sites such as solar and wind farms and electric utility substations. Too many of these critical locations and their control equipment spaces are also still only secured with a basic mechanical lock and key; some even with just a padlock. The same goes for EV charging station hubs, wastewater processing sites, gas pipeline control cabinets, and cell tower hubs.

Just think of the hundreds of thousands of cell tower sites throughout our country. Like traffic light intersections, most people do not realize that each of them also has an enclosure housing vital equipment that needs robust safeguarding from vandalism, theft, and ultimately, the loss of communication that we depend on for everything from sharing a baby picture to an urgent call for help.

That is why it is amazing to learn how keeping our critical infrastructure safe and secure simply boils down to keeping its vital components under the most trustworthy and intelligent lock and key and access control solutions.