With hacking and attacks on industries critical to national security and the economy, President Biden urged critical infrastructure entities to improve their cyber security.
A senior official in the Biden administration said that Mr. Biden is instructing the Department of Homeland Security and the Department of Commerce to set performance targets for critical infrastructure and is establishing voluntary efforts for the private sector to cooperate with the federal government to deploy certain technologies and systems.
“Protecting our critical infrastructure requires the efforts of the entire country, and the industry must do its part,” the official said. “These may be voluntary, but we hope and expect that all responsible owners and operators of critical infrastructure will apply them. We should never emphasize that they owe Americans to serve these critical infrastructures. Provide greater flexibility.”
Mr. Biden’s history of strong wording on cyber issues has drawn criticism from his political opponents and lacklustre comments from cyber security officials.
The president has drawn a red line around the critical infrastructure of the United States as a restricted zone for Russian attackers, and has repeatedly warned Russian President Vladimir Putin to take action against cyber attackers.
Since Mr. Biden’s summit with Mr. Putin in June, cybersecurity professionals have observed continued hacking and attacks, and Republicans have questioned that Mr. Biden’s hard-line comments are wrong.
Some Democrats have also become tired of the Biden administration’s management of critical infrastructure. On Tuesday, Rhode Island Democratic Senator Sheldon Whitehouse (Sheldon Whitehouse) criticized the federal government for making critical infrastructure organizations take cybersecurity seriously, and regretted the lack of “real standards.”
“We don’t have to supervise everyone in the world, but if you are critical infrastructure, we should no longer tolerate this voluntary system. Large companies know that their infrastructure is critical but will fail,” Mr. Whitehouse told a conference. Said the Senate Judiciary Committee hearing.
Both the Biden administration and Congress are reviewing new rules and laws designed to allow critical infrastructure entities to improve their cybersecurity practices.
A senior government official stated that the federal government does not have a comprehensive way to require the deployment of security technologies and best practices without legislation.
Several senators have recently begun to propose proposals aimed at increasing information sharing between the federal government and private sector organizations dealing with critical infrastructure.
Last week, a bipartisan group of 15 senators introduced the Cyber Incident Notification Act of 2021, which will force critical infrastructure entities, government contractors, and federal agencies to disclose cyber vulnerabilities.
An independent bipartisan group of four senators announced last week that they proposed to let the Cyber Security and Infrastructure Agency (CISA) be responsible for identifying and responding to threats to industrial control systems.
The legislation will also allow CISA to share information about threats with the private sector and provide legislators with a brief introduction to the agency’s ability to respond to cyber threats.