On Wednesday, President Biden signed a National Security Memorandum that aims to improve national cybersecurity.
It directs the Department of Homeland Security's Cybersecurity & Infrastructure Security Agency (CISA) and the Department of Commerce's National Institute of Standards and Technology (NIST) to collaborate with other agencies to develop cybersecurity performance standards for companies across the US that provide essential services like power, water, and transportation. When systems that control these vital infrastructures malfunction or are interrupted because of an incident such as a ransomware attack, it can jeopardize national security, economic security, as well as public health and safety.
The memorandum also formally establishes the President's Industrial Control System Cybersecurity (ICS) Initiative, which is a voluntary, collaborative effort between the federal government and the critical infrastructure community to establish systems that can detect cyberthreats and send timely alerts. The ICS Initiative kicked off in mid-April with an Electricity Subsector pilot, in which the Department of Energy worked with over 150 electricity utilities to plan and deploy cybersecurity tech for their control systems. Officials also gathered a number of utility and pipeline CEOs to brief them on cybersecurity threats.
The Department of Homeland Security's Transportation Security Administration (TSA) rolled out a directive earlier this year requiring critical pipeline owners and operators to report cybersecurity incidents as well as have their current practices reviewed by a designated Cybersecurity Coordinator after a major petroleum pipeline was attacked by ransomware in May.