White House announced that President Biden is National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. It addresses cybersecurity for critical infrastructure and implements long-overdue efforts to meet the threats the country faces.
TSA Security Directive
White House also announced that the Department of Homeland Security’s Transportation Security Administration (TSA) announced a second Security Directive. It is announced shortly after a ransomware attack affected a major petroleum pipeline in May. The directive requires pipeline owners and operators to report cybersecurity incidents, designate a Cybersecurity Coordinator, and conduct a review of their current cybersecurity practices.
National Security Memorandum:
- Directs the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) and the Department of Commerce’s National Institute of Standards and Technology (NIST), in collaboration with other agencies, to develop cybersecurity performance goals for critical infrastructure. We expect those standards will assist companies responsible for providing essential services like power, water, and transportation to strengthen their cybersecurity.
- Formally establishes the President’s Industrial Control System Cybersecurity (ICS) Initiative. The ICS initiative is a voluntary, collaborative effort between the federal government and the critical infrastructure community to facilitate the deployment of technology and systems that provide threat visibility, indicators, detections, and warnings. The Initiative began in mid-April with an Electricity Subsector pilot, and already over 150 electricity utilities representing almost 90 million residential customers are either deploying or have agreed to deploy control system cybersecurity technologies. The action plan for natural gas pipelines is underway, and additional initiatives for other sectors will follow later this year.