Energy providers and other critical infrastructure companies in the US must do more to improve their cyber defenses as additional regulations could be just around the corner according to the White House.
US President Joe Biden has also signed a national security memorandum dedicated to improving cybersecurity for critical infrastructure control systems and the US government provided further details on the importance of doing so in a press release, saying:
- We've put together a list of the best endpoint protection software
- Keep your devices virus free with the best malware removal software
- Also check out our roundup of the best firewall
“The cybersecurity threats posed to the systems that control and operate the critical infrastructure on which we all depend are among the most significant and growing issues confronting our Nation. The degradation, destruction, or malfunction of systems that control this infrastructure could cause significant harm to the national and economic security of the United States.”
As reported by Reuters, the President's latest memorandum will also see the launch of a new public-private initiative that creates “performance controls” when it comes to cybersecurity at water treatment facilities, electric power plants and other critical infrastructure companies in the US.
While these recommendations are voluntary, the Biden administration hopes they will encourage companies to improve their cybersecurity posture ahead of other policy efforts according to a senior administration official that spoke with the news outlet.
A number of high profile cyberattacks have shown the US government and its citizens just how disruptive malware, ransomware and other similar attacks can be to the country's critical infrastructure. Most notably the Colonial Pipeline, which runs through 12 states, was taken offline for several days following an attack believed to be launched by the DarkSide ransomware group back in May.
The senior administration official also explained to Reuters that a lack of cybersecurity requirements is what made the country's critical infrastructure so vulnerable in the first place, saying:
"These are the thresholds that we expect responsible owners and operators to go. The absence of mandated cybersecurity requirements for critical infrastructure is what in many ways has brought us to the level of vulnerability that we have today. The federal government cannot do this alone. Almost 90% of critical infrastructure is owned and operated by the private sector. Securing it requires a whole of nation effort."
- We've also featured the best antivirus
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.