Wednesday, July 28, 2021

Biden Moves To Boost Critical Infrastructure Cybersecurity

After Major Cybersecurity Attacks, such as the One that impacted Colonial Pipeline, President Biden issued a National Security Memorandum to amp up Cybersecurity Infrastructure.

A Senior Administration Official. on Tuesday night, said that the Memorandum will Require the Cybersecurity and Infrastructure Security Agency (CISA), and the National Institute of Standards and Technology (NIST), to Work with other Agencies in Developing Cybersecurity Performance Goals for Critical Infrastructure Sectors.

Additionally, the Memorandum will formally establish Biden's Industrial Control Systems (ICS) Cybersecurity Initiative, which is a Voluntary Collaboration between, the Government and the Private Sector, to boost the use of Technologies to Protect against Cyber-Threats and provide Warnings and Indicators of Attack.

The ICS Program, was First launched in April, as part of the Department of Energy (DOE) kicking off a 100-day Plan to Protect the Electric Sector from Cyberattacks.

The Senior Administration Official said that since then, more than 150 Electricity Utilities have either Deployed or Agreed to Deploy, New Technologies aimed at Preventing Cyberattacks, with the Utilities involved representing nearly 90 Million U.S. Residential Customers. They noted that additional Programs, for specific Sectors, are planned for “later this year."

“This is a public-private initiative effort with a focus to roll out these very specific technologies voluntarily by the private sector, close cooperation to really ensure we get these protections in place within the voluntary model that is in place for our cybersecurity for critical infrastructure today,” the Official said.

The New Memorandum comes as part of the Biden Administration’s efforts to confront Escalating Cyberattacks, in recent months, that have at times Endangered National Security.

These Attacks have included the Ransomware Attacks by Russian-linked Cybercriminal Groups on Colonial Pipeline and JBS USA, along with the more Recent Ransomware Attack, on Software firm, Kaseya, that Impacted up to 1,500 Companies. The Attack on Colonial, which provides 45% of the East Coast’s Gas, led to Fuel Shortages in multiple States and, shone a light, on the Potential for Hackers to cause Major Disruptions.

The Senior Administration Official stressed that if the Technologies encouraged by the ICS Program, had been in place at Colonial prior to the Attack, the Hackers would Not have been Successful. “Federal cybersecurity regulation in the U.S. is sectoral, we have a patchwork of sector-specific statutes that have been adopted piecemeal,” the Official told Reporters. “Our current posture is woefully insufficient given the evolving threat we face today. We really kicked the can down the road for a long time."

The Memorandum, is Not the First-Step, the Biden administration has taken to Combat Cyber Threats.

Following the Attack on Colonial, the Transportation Security Administration (TSA) issued Two Security Directives aimed at increasing Pipeline Cybersecurity, including requiring Critical Pipeline Companies to Disclose Major Cybersecurity Incidents within 12 hours.

The Administration also established an Interagency Task Forc,e earlier in the year, to address the Increase in Ransomware Attacks, and Biden signed an Executive Order, in May, aimed at Strengthening the Federal Government against Cyberattacks.

While the Memorandum, on Tuesday, is Voluntary, the Official stressed that the Administration expected Critical Owners and Operators to ensure their Systems are up to Critical Security Standards.

“The point we want to make is the federal government cannot do this alone, securing our critical infrastructure requires a whole-of-nation effort, and industry has to do their part,” the Official said. “These may be voluntary, but we hope and expect that all responsible critical infrastructure owners and operators will apply them.”

NYC Wins When Everyone Can Vote! Michael H. Drucker

No comments: