President Joe Biden will sign a memorandum on Wednesday to create new voluntary cybersecurity goals for critical infrastructure operators, the latest attempt by the administration to counter the exploding problem of hacks.
The National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems will direct the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and the Department of Commerce’s National Institute of Standards and Technology, in collaboration with other agencies, to develop cybersecurity performance goals for critical infrastructure operators such as those in the energy industry, food suppliers, hospitals, and key parts of the government.
The memo will also establish the President’s Industrial Control System Cybersecurity Initiative, a voluntary effort between the federal government and critical infrastructure operators, to facilitate the deployment of technology and systems that will provide better threat visibility, indicators, detections, and warnings when it comes to cyberattacks.
“This a public-private initiative effort with a focus to roll out these very specific technologies voluntarily, by the private sector, in close cooperation to really ensure we get those protections in place within the voluntary model that is in place for our cybersecurity for critical infrastructure today,” a senior administration official told reporters on Tuesday evening.
Almost 90% of critical infrastructure in the United States is owned and operated by the private sector, the official said.
PANDEMIC WORK-FROM-HOME HELPED CREATE SURGE IN RANSOMWARE ATTACKS
Despite cyberattacks being a common problem in the past decade, it is the recent series of massive attacks on the computer systems of the federal government, the Colonial pipeline, and the meat producer JBS that have brought mainstream awareness to the need for increased cybersecurity protections within governments and businesses.
The federal government has also created a multi-agency cybersecurity task force, provided new security guidelines to businesses, and begun implementing relevant executive orders after ransomware attacks earlier this year.
The official added that currently, “there is no strategic, coordinated requirement for the cybersecurity of critical infrastructure,” and so the administration hopes to address this, in part, through the memo and also by working with Congress to pass relevant legislation.
Federal cybersecurity officials within the Biden administration called on Congress on Tuesday to pass new laws that would force businesses and organizations to disclose ransomware attacks.
Congress is already working to pass relevant cybersecurity legislation on a bipartisan basis.
The Cyber Response and Recovery Act, a bipartisan bill introduced in April by Democratic Sen. Gary Peters of Michigan and Republican Sen. Rob Portman of Ohio, would create the Cyber Response and Recovery Fund and would provide better coordination between federal and nonfederal actors trying to respond to serious cyberattacks or breaches.
CLICK HERE TO READ MORE FROM THE WASHINGTON EXAMINER
Additionally, the House Energy and Commerce Committee passed eight bipartisan bills last week to better equip the government and businesses with tools to handle the recent explosion in ransomware attacks.
