Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

US Acting to Better Protect Infrastructure From Cyberthreats

The Biden administration is taking steps to harden cybersecurity defenses for critical infrastructure, announcing on Wednesday the development of performance goals and a voluntary public-private partnership to protect core sectors.

The Biden administration is taking steps to harden cybersecurity defenses for critical infrastructure, announcing on Wednesday the development of performance goals and a voluntary public-private partnership to protect core sectors.

The actions, outlined in an order from President Joe Biden, are an acknowledgment of the cybersecurity vulnerabilities of critical industries — a reality made clear by the May hack of the nation’s largest pipeline, which delivers about 45% of the fuel consumed on the East Coast.

They also are meant to address the “patchwork of sector-specific statutes” that have been adopted piecemeal over time and that leave the government without a uniform or adequate cybersecurity threshold, according to a senior administration official who briefed reporters before a formal announcement.

[ ReadHouse Passes Several Critical Infrastructure Cybersecurity Bills ]

The partnership was launched as a pilot program in April with electricity utilities, and another plan is underway for natural gas pipelines. Additional alliances with other sectors will be formed this year, the White House said. The move comes as federal officials have been promoting greater cybersecurity resiliency among private companies, including announcing new requirements and protections for pipeline owners and operators last week.

The partnership is voluntary, though the administration has not ruled out the possibility of mandatory requirements in the future, the official said. But short of legislation, the official said, “there isn’t a comprehensive way to require deployment of security technologies and practices that address, really, the threat environment that we face.”

Democratic Rep. Adam Schiff of California, chairman of the House Intelligence Committee, praised the White House action as essential and “an important step.” But, he added, “I believe Congress must look beyond voluntary standards to strengthen our defenses.”

In addition, the new order will direct the departments of Homeland Security and Commerce to collaborate with other agencies on developing cybersecurity performance goals for critical infrastructure.

Advertisement. Scroll to continue reading.
Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.

Register

As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Artificial Intelligence

The degree of danger that may be introduced when adversaries start to use AI as an effective weapon of attack rather than a tool...

ICS/OT

The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...

ICS/OT

Otorio has released a free tool that organizations can use to detect and address issues related to DCOM authentication.