Recently, ZDNet reported that President Biden signed a memorandum in response to increasing cybersecurity threats ordering CISA and NIST to create benchmarks for organizations managing critical infrastructure.
Biden’s decision builds on, and to a degree formalizes, the measures started in April 2021 around securing industrial control systems.
- Modernizing U.S. defenses. This applies to the federal government, state and local government critical infrastructure, as well as offering incentives to the broader private sector so that key organizations are suitably equipped to meet the cyber-threat.
- Rebuilding the U.S. presence on the international stage. This includes measures to counter ransomware, with a focus on collective supranational defense. For example, implementing specific mitigation measures to protect against ransomware attacks and other known threats to information technology and operational technology systems within prescribed timeframes.
- Ensuring the U.S. is postured to compete. This includes developing appropriate policies and supporting businesses.
Looking at the implications for the cybersecurity space for Digital Journal is Toshihiro Koike, CEO of Cyber Security Cloud Inc. (CSC).
Koike explains that by “Implementing better cybersecurity guidelines within organizations, especially the ones managing critical infrastructure, is a necessity.”
Looking at the decisions undertaken in the U.S. specifically, Koike says that: “It’s smart for President Biden to generate a sense of urgency around cybersecurity policies and order CISA and NIST to establish benchmarks. Every company is vulnerable to a cybersecurity attack; now is the time to take action.”
At present, federal cybersecurity regulation in the U.S. is sectoral, comprised of a patchwork of sector-specific statutes. Biden’s administration regards this as leading to data security threats and the new policy aims for a new, national, holistic approach to cyber-defense measures.
