On account of increasing and strengthening cybersecurity threats, President Biden and his administration have released a National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems.
The memorandum details a number of measures to be taken by the administration to mitigate cyber attacks for critical infrastructure control systems and keep them protected.
“Protection of our Nation’s critical infrastructure is a responsibility of the government at the Federal, State, local, Tribal, and territorial levels and of the owners and operators of that infrastructure… The degradation, destruction, or malfunction of systems that control this infrastructure could cause significant harm to the national and economic security of the United States,” said President Biden in the memorandum.
The memorandum brings forward five sections of action to be taken by President Biden and his administration. Section 1 details policy to “safeguard the critical infrastructure of the Nation, with a particular focus on the cybersecurity and resilience of systems supporting National Critical Functions.”
Section 2 details the Industrial Control Systems Cybersecurity Initiative, a “voluntary, collaborative effort between the Federal Government and the critical infrastructure community to significantly improve the cybersecurity of these critical systems.” Section 3 looks to further the initiative, with efforts to build on, expand, and accelerate ongoing cybersecurity efforts in critical infrastructure sectors as an important step in addressing these threats.
Section 4 goes over the need for critical infrastructure cybersecurity performance goals, as a “need for baseline cybersecurity goals that are consistent across all critical infrastructure sectors, as well as a need for security controls for select critical infrastructure that is dependent on control systems” increases.
Lastly, Section 5 details that the memorandum will operate without impacting several factors.
“ICS is particularly challenging where cybersecurity is concerned. Historically “availability” from the CIA Triad (Confidentiality, Integrity, Availability) features higher on the priority list than in traditional IT. Industrial Control Systems and Operational Technology often utilize older legacy tech, which compounds the difficulty in deploying modern cybersecurity monitoring platforms,” said Simon Eyre, Chief Information Security Officer of Drawbridge.
“Companies may even struggle to find the right skills to offer software patches to these older systems. This ‘Call to Arms’ by the Biden administration may be just the ticket critical infrastructure needs to gain the funds and overcome these challenges,” he added.
With increasing cyber threats, it’s imperative to stay up to date with important information like the memorandum above. To read the full National Security Memorandum, click here.