Cybersecurity & Tech Executive Branch

Lawfare Daily: The Military’s Operational Technology Cyber Vulnerabilities

Justin Sherman, Jim Dempsey, Andrew J. Grotto, Jen Patja
Tuesday, January 27, 2026, 7:00 AM
How may U.S. adversaries exploit the cyber vulnerabilities in the military?
Meet The Authors
Subscribe to Lawfare

Andy Grotto, William J. Perry International Security Fellow and the founder and co-director of the Program on Geopolitics, Technology, and Governance at Stanford University’s Center for International Security and Cooperation (CISAC), and Jim Dempsey, a senior policy adviser to that program and a Lecturer at the UC Berkeley Law School, join Lawfare’s Justin Sherman to discuss their recent study on the U.S. military’s domestic operational technology (OT) cybersecurity vulnerabilities, domestic installations’ dependencies on critical infrastructure both “inside the fence” and “outside the fence,” and how U.S. adversaries could exploit the flaws. They also discuss the myth of the air gap; the Pentagon's Energy Resilience Program; the role that standards, regulations, and procurement could play in strengthening the cybersecurity of OT systems on which the military depends; and what the threat landscape will look like in the coming years.

Resources:

To receive ad-free podcasts, become a Lawfare Material Supporter at www.patreon.com/lawfare. You can also support Lawfare by making a one-time donation at https://givebutter.com/lawfare-institute.

Topics:
Cybersecurity & Tech Executive Branch
Back to Top
Justin Sherman

Justin Sherman

@jshermcyber
Read More
Justin Sherman is a contributing editor at Lawfare. He is also the founder and CEO of Global Cyber Strategies, a Washington, DC-based research and advisory firm; the scholar in residence at the Electronic Privacy Information Center; and a nonresident senior fellow at the Atlantic Council.
Jim Dempsey

Jim Dempsey

Read More
Jim Dempsey is a lecturer at the UC Berkeley Law School and a senior policy advisor at the Stanford Program on Geopolitics, Technology and Governance. From 2012-2017, he served as a member of the Privacy and Civil Liberties Oversight Board. He is the co-author of Cybersecurity Law Fundamentals (IAPP, 2024).
Andrew J. Grotto

Andrew J. Grotto

@GrottoAndrew
Read More
Andrew J. Grotto is the William J. Perry International Security Fellow at Stanford University and the founding director of the Program on Geopolitics, Technology and Governance at the Stanford Cyber Policy Center. He serves as the faculty lead for the Cyber Policy and Security specialization in Stanford's Ford Dorsey Master's in International Policy degree program and teaches the core cyber policy course for the specialization. He is also a visiting fellow at the Hoover Institution. He served as senior director for cyber policy on the National Security Council during the Obama and Trump administrations from late 2015 through May of 2017.
Jen Patja

Jen Patja

Read More
Jen Patja is the editor of the Lawfare Podcast and Rational Security, and serves as Lawfare’s Director of Audience Engagement. Previously, she was Co-Executive Director of Virginia Civics and Deputy Director of the Center for the Constitution at James Madison's Montpelier, where she worked to deepen public understanding of constitutional democracy and inspire meaningful civic participation.
}

Subscribe to Lawfare