White House Issues Memo on US Critical Infrastructure Security

The White House published a national security memorandum this week that aims to bolster cybersecurity for critical infrastructure.

Its memo comes after several high-profile ransomware attacks on large organizations, including Colonial Pipeline. The May attack the massive pipeline system temporarily shut down approximately 5,500 miles of pipeline and disrupted nearly half of the East Coast's fuel supply.

"The cybersecurity threats posed to the systems that control and operate the critical infrastructure on which we all depend are among the most significant and growing issues confronting our Nation," the memo notes. "The degradation, destruction, or malfunction of systems that control this infrastructure could cause significant harm to the national and economic security of the United States."

The order includes several directives for federal departments and directs the Departments of Homeland Security and Commerce to develop "cybersecurity performance goals for critical infrastructure." It also establishes an industrial control system cybersecurity initiative, which is is a voluntary, collaborative effort between the federal government and critical infrastructure community to assist with implementing technology and systems that provide threat visibility, indicators, detections, and warnings.

"The Initiative began in mid-April with an Electricity Subsector pilot, and already over 150 electricity utilities representing almost 90 million residential customers are either deploying or have agreed to deploy control system cybersecurity technologies," the memo says. "The action plan for natural gas pipelines is underway, and additional initiatives for other sectors will follow later this year."

The full memo can be found here.