The current state of critical infrastructure is a collection of legacy systems integrated over decades. This status quo makes the role of a defender disproportionately difficult. The alternative is Secure by Design, a Cybersecurity and Infrastructure Security Agency (CISA) initiative that pushes manufacturers to eliminate classes of vulnerabilities from their products. Secure products, along with cyber-informed engineering, give defenders a real chance at safe and resilient infrastructure. This talk focuses on how we can bridge the gap between our current state and a secure-by-design future, and on what that future even looks like within the constraints of a critical infrastructure environment.