Critical infrastructure organizations are on alert as bad actors see these infrastructures as attractive target for cyber-attacks. Ransomware variants, phishing emails, wiper malware and more show up as tactics used to disrupt services offered by these infrastructures. As digital transformation grows, so does the number of users, devices and applications connect across the operational technology, information technology, and cloud domains. This increases the number of remote users accessing critical systems like meters, sensors, and industrial control systems. While for many critical infrastructure owners and operators, this positively contributes to operational efficiency, it has also increased cyber risk and expanded the attack surface introducing known and unknown threats to the critical systems. During this session, we will look at the threats impacting critical infrastructure organizations and discuss the value of a threat-informed defense strategy for securing these organizations.