President Biden signed a National Security Memorandum (NSM) on “Improving Cybersecurity for Critical Infrastructure Control Systems”. There are two key parts:
- Directs the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) and the Department of Commerce’s National Institute of Standards and Technology (NIST), in collaboration with other agencies, to develop cybersecurity performance goals for critical infrastructure. We expect those standards will assist companies responsible for providing essential services like power, water, and transportation to strengthen their cybersecurity.
- Formally establishes the President’s Industrial Control System Cybersecurity (ICS) Initiative. The ICS initiative is a voluntary, collaborative effort between the federal government and the critical infrastructure community to facilitate the deployment of technology and systems that provide threat visibility, indicators, detections, and warnings. The Initiative began in mid-April with an Electricity Subsector pilot, and already over 150 electricity utilities representing almost 90 million residential customers are either deploying or have agreed to deploy control system cybersecurity technologies. The action plan for natural gas pipelines is underway, and additional initiatives for other sectors will follow later this year.
