President Biden this week signed a National Security Memorandum (NSM) on "Improving Cybersecurity for Critical Infrastructure Control Systems," according to a statement from The White House.
The memorandum, MSSP Alert believes, should be required reading for MSSPs and MDR (managed detection and response) service providers that work with critical infrastructure providers -- such as energy, transportation, water utilities, and communications organizations, to name a few.
Indeed, MSSPs and MDR service providers may need to update their security controls and/or adjust their terms of service to align with the latest critical infrastructure clientele requirements, MSSP Alert believes.
Critical Infrastructure Control Systems: New Security Mandates
Under the memorandum, the U.S. Department of Homeland Security (DHS) Cybersecurity & Infrastructure Security Agency (CISA) and Department of Commerce's National Institute of Standards and Technology (NIST) will work together to develop cybersecurity performance goals for critical infrastructure. These goals will help companies responsible for providing power, water, transportation and other critical infrastructure services strengthen their security posture, the memorandum states.
In addition, the memorandum establishes the President's Industrial Control System Cybersecurity (ICS) initiative, which empowers federal government and critical infrastructure companies to deploy technology and systems that provide threat visibility, indicators, detections and warnings. This initiative began in April 2021 with an Electricity Subsector pilot; since that time, over 150 electricity utilities representing nearly 90 million residential customers are deploying or have agreed to deploy control system cybersecurity technologies.
Transportation Security Administration Announces Security Directive for Pipeline Owners, Operators
Biden's NSM for improving the cybersecurity of industrial control systems comes after the U.S. Transportation Security Administration (TSA) in July 2021 issued its second Security Directive for pipeline owners and operators. The directive encourages pipeline owners and operators to take the following security measures:
- Implement mitigation measures to protect against ransomware attacks and other threats to information technology and operational technology systems.
- Develop and implement a cybersecurity contingency and recovery plan.
- Perform an annual cybersecurity architecture design review.
Previously, TSA issued a Security Directive for pipeline operators and owners in May 2021. This directive came in response to the May 2021 Colonial Pipeline ransomware attack.
Are IT Management Software Platforms Critical Infrastructure?
Among the next potential developments to watch: Will the U.S. government update its critical infrastructure definition to include RMM (remote monitoring and management) software tools and their associated supply chains?
That's a particularly timely question following the July 2021 REvil Ransomware attack against Kaseya's VSA software. That attack spread downstream to hit roughly 50 MSPs and as many as 1,500 end-customer organizations, Kaseya estimates. Moreover, Kaseya's SaaS-based RMM service was offline for more than a week while the company examined and hardened the system.
Meta Description: President Biden signs a National Security Memorandum (NSM) for cybersecurity to help critical infrastructure companies improve their security posture.