In the wake of the different ransomware attacks on Colonial Pipeline, JBS Foods, Oldsmar Florida water system and other critical infrastructure, President Joe Biden signed a national security memorandum that is aimed to strengthen the cybersecurity for critical infrastructures. The goal of this memorandum is to establish improved information sharing and collaboration initiatives with the private sector. Additionally, the White House wants to raise the security of ICS and address the different security risks and vulnerabilities in critical infrastructure environments.

The National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems formalizes the Industrial Control System (ICS) Cybersecurity Initiative which directs the Departments of Homeland Security and Commerce and the Department of Commerce’s National Institute of Standards and Technology (NIST) to create and issue cybersecurity performance goals for critical infrastructures.

The new initiative of collaboration between the federal government and the critical infrastructure sector will work together to defend the critical infrastructures of the United States. “Encouraging and facilitating the deployment of technologies and systems that provide threat visibility, indications, detection, and warnings, and that facilitate response capabilities for cybersecurity in essential control system and operational technology networks,” according to the memorandum. 

Additionally, the memorandum will increase the adoption of cyber security solutions that provide better visibility into ICS, “The goal of the Initiative is to greatly expand deployment of these technologies across priority critical infrastructure.”

Another objective of this incentive to strengthen the security of ICS is to deploy interconnected industrial sensor technology. By deploying sensors, critical infrastructure environments will enhance their visibility into security events in their operational systems. 

This will allow organizations to detect any intrusion on their network more quickly. As quoted in the memorandum, “We cannot address threats we cannot see; therefore, deploying technologies that can monitor control systems and detect malicious activity and facilitate response actions to cyber threats is central to ensuring the safe operations of these critical systems.”

Why The Industrial Control Systems Cybersecurity Initiative Matters

Following in the lines of the Biden Administration’s recent cyber security executive order, the memorandum establishes the Industrial Control Systems Cybersecurity Initiative (the “ICS Initiative''). The ICS Initiative is a collaborative effort between the Federal Government and the critical infrastructure community to improve the cybersecurity of systems supporting national critical functions.

This new initiative is important for the critical infrastructure sector as it encourages, facilitates and scales the deployment of ICS security technologies to monitor and detect malicious activity and provide the right mitigation steps in response to cyber attacks. By using the ICS Initiative as guidance, the Federal Government will collaborate with the industrial sectors to share different cyber threat information for ICS systems of critical infrastructures.

Initially, this initiative was launched in April 2021 with a pilot effort within the electricity subsector with over 150 electricity utilities representing almost 90 million customers agreeing to deploy control system cybers security technologies. The same effort is underway with the natural gas pipelines sector which will be followed by water and wastewater, chemical and other sectors later this year. 

Critical Infrastructure Cybersecurity Performance Goals

The Memorandum also directs the need for government agencies to create and issue baseline cybersecurity goals across the critical infrastructure sectors. The need for improved security controls will be dependent on the control systems in the critical infrastructure environments. 

These measures will “further a common understanding of the baseline security practices that critical infrastructure owners and operators should follow to protect national and economic security, as well as public health and safety,” according to the memorandum.

NIST and CISA will establish the preliminary goals for control systems for critical infrastructures sectors by  Sept. 22, 2021. Then the final cross-sector control systems goals will be published by July 28, 2022.

“These performance goals should serve as clear guidance to owners and operators about cybersecurity practices and postures that the American people can trust and should expect for such essential services,” the memorandum states.

Moving Forward

ICS security is not an easy task at hand and defending the wide range of industrial networks and facilities is often neglected or not enough resources are allocated. By creating a voluntary collaboration of infrastructures operators and the cyber security agencies of the government it will strengthen the awareness of the different attacks on critical infrastructures.

The US government putting a strong emphasis on visibility is a smart move. The research and deployment of cyber security for ICS are only now starting to change for the better. The legacy systems are finally converging between the physical and the interconnected networks. By becoming interconnected to the Internet it has created new security risks for the critical infrastructures sectors that haven’t been properly evaluated. The memorandum is a good first step into ensuring better security for ICS, but it’s only one small step on a long road to more secure critical infrastructure sectors.

If you’re interested in receiving a full PCAP-based risk assessment or want to learn more about how to measure and increase your security program maturity, please visit this page for a short demo of the SCADAfence Platform.