Industrial Control Systems Security: Legislation May Boost CISA’s Role
The Department of Homeland Security’s cyber wing would have more responsibility to protect industrial control systems (ICS) from cyberattacks, should a newly introduced bill be signed into law.
The bipartisan DHS Industrial Control Systems Enhancement Act, which amends the Homeland Security Act of 2002, gives the Cybersecurity and Infrastructure Security Agency (CISA) the responsibility to “maintain capabilities” to identify threats to industrial control systems, according to the measure’s text. House Homeland Security Committee ranking member John Katko (R-NY) is the primary sponsor of the legislation.
CISA and ICS Security: Proposed Law
Here’s what the bill calls on CISA to do:
- Lead federal government efforts to identify and mitigate cybersecurity threats to ICS.
- Maintain threat hunting and incident response capabilities to respond to ICS cybersecurity risks and incidents.
- Provide cybersecurity technical assistance to industry end users, product manufacturers, other federal agencies, and other ICS stakeholders.
- Collect, coordinate, and provide vulnerability information to the ICS community.
- Brief Congress on its ICS capabilities starting six months after the bill is enacted and then every six months for four years.
The bill’s co-sponsors include House Homeland Security Committee chair Bennie Thompson (D-MS), cybersecurity subcommittee chair Yvette Clarke (D-NY), cybersecurity subcommittee ranking member Andrew Garbarino (R-NY) and Rep. Jim Langevin (D-RI), chair of the House Armed Services Committee’s cybersecurity subcommittee. Additional co-sponsors include Reps. Don Bacon (R-NE), Kat Cammack (R-FL), Carlos Gimenez (R-FL), and John Rutherford (R-FL).
As industrial control systems are increasingly connected to the internet, hackers can infiltrate the systems with potentially devastating consequences. As such, CISA’s role in protecting the nation’s critical infrastructure from cyber threats is more important than ever, Katko said.
“As I have said consistently, we need to continue to build centralized cybersecurity capacity with CISA where possible for the entire critical infrastructure community to voluntarily benefit from,” Katko added. “This important piece of legislation will solidify CISA’s lead role in protecting our nation’s critical infrastructure from cyber threats, particularly to our industrial control systems.”
Fortifying U.S. Infrastructure Security
The proposed legislation comes on the heels of the SolarWinds Orion cyberattack, allegedly engineered and executed by Russian hackers, that hit at least nine government agencies and up to 100 private sector companies. Subsequent cyber break-ins into a Florida town’s water supply and the exploitation of vulnerabilities in Microsoft Exchange Servers by Chinese hackers have underscored CISA’s role as the country’s cybersecurity lead.
The new American Rescue Plan includes $650 million to help CISA strengthen its mitigation services, a figure just shy of the $690 million President Biden proposed in the Covid-19 measure. The SolarWinds cyberattack was referenced in Biden’s original plan as justification for boosting CISA’s cybersecurity funding. Acting CISA Director Brandon Wales said that the $650 million won’t be enough to guard against current threats and prepare for future ones, calling it a “down payment” in testimony to the House Appropriations Homeland Security Subcommittee last week.
How CISA will deconstruct the swarm of disinformation buzzing federal elections going forward is front and center on the agency’s to-do list, Wales said in February 2021.