Security firms are right when they claim that the US infrastructure is vulnerable. Xecco Trading using Chinese developers who wrote the code that connected both to the ACH transfer network as well as the trading exchanges. Bang, $4B USD under management worth of stock dumped and the funds transferred out. Titron was thrilled when a Chinese firm offered to replace their 3 chip zigbee + meter management + crypto cheap with an all-in-one, manufactured and delivered for pennies for their smart meters.
But the response is worse. U.S. Gov't is being influenced to award contracts to the firms that can boast 300 or more "Top Secret" cleared engineers
But there are some trying to rectify this. Get involved people. IARPA is a nice place to start, NSA does give grants for good tech, the DOD is not blinded to the ambitions of the big firms, and CyberCON is going on, right now, that will direct these budgets.
You can get involved!