White House Takes on Securing Critical Infrastructure Control Systems

ByPR 24

Attacks targeting critical infrastructure have been on the rise in recent years. Back in 2019, for instance, 56% of utility professionals responsible for overseeing risk in their organizations’ operational technology (OT) assets told Siemens and the Ponemon Institute that they experience at least one shutdown or operational data loss event a year. That’s about the same proportion (54%) of survey respondents who said they expected to see an attack on critical infrastructure in the next 12 months, reported HSToday.

The Biden Administration Responds

These critical infrastructure security events could explain why the Biden Administration has taken several steps in 2021 to help protect industrial control systems serving critical national infrastructure. Here’s an overview of three of those initiatives:

  • The 100-day sprint for electrical infrastructure: Earlier in the year, the Biden Administration announced a 100-day sprint to identify weaknesses within the United States’ electrical infrastructure. It also announced a Request for Information (RFI) from the U.S. Department of Energy to help to address supply chain risks in the U.S. electric system. (Tripwire’s response to that RFI is available here.)
  • The Executive Order on Improving the Nation’s Cybersecurity: In mid-May, the Administration published an Executive Order around strengthening the nation’s cybersecurity. The directive came with several measures for helping Federal Civilian Executive Branch (FCEB) agencies within the U.S. government to defend against supply chain attacks. It also included a section on removing barriers that would prevent information technology (IT) and OT service providers sharing threat intelligence information with FBI and similar entities.
  • Revised security guidelines for pipeline owners: Following a high-profile ransomware attack involving a U.S. pipeline company, the Transportation Security Agency (TSA) issued a directive that discusses new security requirements for pipeline operators. Those obligations include the need for all pipeline companies to disclose all security incidents to the TSA and the Cybersecurity & Infrastructure Security Agency (CISA) going forward.

The Biden Administration isn’t done for the year, either. In July, it released its “National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems.” The purpose of this memo is to “defend the United States’ critical infrastructure by encouraging and facilitating deployment of technologies and systems that provide threat visibility, indications, detection, and warnings, and that facilitate response capabilities for cybersecurity in essential control system and operational technology networks. The goal of the Initiative is to greatly expand deployment of these technologies across priority critical infrastructure.”

Towards that end, the memo will work to create new avenues for collaboration between public and private sector entities. One such opportunity has already taken shape in the electricity subsector, the memo noted, with similar efforts to follow in the natural gas pipeline, water and wastewater, and chemical sectors later in 2021. Those programs will bring relevant government agencies together with critical infrastructure stakeholders, owners, and operators for the purpose of implementing the principles and policies discussed in the memo.

Simultaneously, the Secretary of Homeland Security will work with other agency heads to develop and issue cybersecurity performance goals for critical infrastructure organizations. The purpose is to use those goals to identify baseline security practices that organizations in every sector can use to defend themselves against common digital risks. Once they’ve created those principles, the agency heads will then work on developing subsector-specific recommendations.

Tim Erlin, VP strategy at Tripwire, feels this newest action will help to lay some important groundwork for the future of critical infrastructure security.

“Every business understands the importance of setting measurable goals to achieve meaningful progress, and cybersecurity is no different,” he said. “A clear understanding of the baseline requirements, and measurement of performance to those requirements, is a critical step in raising the bar for critical infrastructure security.”

“A focus on ‘cybersecurity and resilience’ emphasizes the balance between prevention and preparation, with the understanding that critical infrastructure needs to be both secure and resilient to operate effectively in the world today,” he added.

Where This Leaves Critical Infrastructure Organizations

Critical infrastructure organizations can get started on implementing the memo’s principles by first gaining network visibility of their industrial environments. To do this, they need to discover and profile all their network assets as well as set up automated alerts so that they can quickly resolve security issues. From there, those organizations can monitor their network and systems for potential problems and use secure baselines along with vulnerability management to harden the security of those assets on an ongoing basis.

Learn how Tripwire can help your critical infrastructure organization with these tasks.

Similar Posts

Sophos Acquires Braintrace – Global Security Mag Online

Sophos Acquires Braintrace – Global Security Mag Online

ByPR 24

Sophos announced that it has acquired Braintrace, further enhancing Sophos’ Adaptive Cybersecurity Ecosystem with Braintrace’s proprietary Network Detection and Response (NDR) technology. Braintrace’s NDR provides deep visibility into network traffic patterns, including encrypted traffic, without the need for Man-in-the-Middle (MitM) decryption. Located in Salt Lake City, Utah, Braintrace launched in 2016 and is privately held….

Millions of Dell Devices Vulnerable to Update Driver Flaw

Millions of Dell Devices Vulnerable to Update Driver Flaw

ByPR 24

Endpoint Security , Governance & Risk Management , Patch Management Dell Has Patched Driver Issue Found by SentinelOne Jeremy Kirk (jeremy_kirk) • May 5, 2021     Dell’s headquarters in Round Rock, Texas (Photo: Jjpwiki via Wikipedia/CC) Dell has patched five flaws in a vulnerable firmware update driver that has shipped in millions of laptops,…

Get Lifetime Access to 24 Professional Cybersecurity Certification Prep Courses

Get Lifetime Access to 24 Professional Cybersecurity Certification Prep Courses

ByPR 24

Get Lifetime Access to 24 Professional Cybersecurity Certification Prep Courses | IT Security News 29. August 2021 This article has been indexed from The Hacker News Not all heroes wear capes. Cybersecurity professionals are digital warriors who use their knowledge and skill to battle malicious hackers. Sounds like an exciting career, right? If the comic-book comparisons aren’t…

CISA Orders Agencies to Mitigate Pulse Secure VPN Risks

CISA Orders Agencies to Mitigate Pulse Secure VPN Risks

ByPR 24

Fraud Management & Cybercrime , Fraud Risk Management , Governance & Risk Management Agency Says Exploits Pose ‘Unacceptable Risk’ Scott Ferguson (Ferguson_Writes) • April 21, 2021     The U.S. Cybersecurity and Infrastructure Security Agency has issued an emergency directive requiring executive branch agencies to mitigate by Friday the risks posed by a zero-day vulnerability…

CVE-2021-22446 – Alert Detail – Security Database

CVE-2021-22446 – Alert Detail – Security Database

ByPR 24

Executive Summary Informations Name CVE-2021-22446 First vendor Publication 2021-08-02 Vendor Cve Last vendor Modification 2021-08-02 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA   Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…

What Does It Take To Be a Cybersecurity Researcher?

What Does It Take To Be a Cybersecurity Researcher?

ByPR 24

Behind the strategies and solutions needed to counter today’s cyber threats are—dedicated cybersecurity researchers. They spend their lives dissecting code and analyzing incident reports to discover how to stop the bad guys. But what drives these specialists? To understand the motivations for why these cybersecurity pros do what they do, we decided to talk with…