The White House recently announced a new National Cybersecurity Strategy to protect the nation and its citizens from cyber threats. Of particular note is the focus on critical infrastructure. With a rise in security attacks on critical infrastructure and the utility sector, the Federal Government seeks to foster public and private sector collaboration and build network resilience.

National Cybersecurity Strategy 2022

“…the United States will reimagine cyberspace as a tool to achieve our goals in a way that reflects our values: economic security and prosperity; respect for human rights and fundamental freedoms; trust in our democracy and democratic institutions; and an equitable and diverse society.”

Capturing attention in early March, the White House issued this statement, introducing the National Cybersecurity Strategy for 2023 and beyond. As cybercrime continues to rise, the Strategy calls attention to local and global threats that impact the security of US citizens, businesses, and infrastructure.

Foundation of the Strategy

The National Cybersecurity Strategy is built on five pillars:

  • Defend Critical Infrastructure
  • Disrupt and Dismantle Threat Actors
  • Shape Market Forces to Drive Security and Resilience
  • Invest in a Resilient Future
  • Forge International Partnerships to Pursue Shared Goals

Each element defines a point of collaboration and focuses on executing the Strategy.

Risks to the Energy Sector

Of particular note from this announcement is the focus on protecting critical infrastructure. The Department of State identified this sector – including energy, water, nuclear, aviation, and other industrial control systems – as exceptionally vulnerable to cyber threats.

According to a 2022 report, 72% of organizations in the critical infrastructure space had experienced at least six incidents resulting in cyber disruption. 40% could not block the attack, and nearly half could not make necessary improvements to minimize future risk.

High-profile incidents like the attacks on the Colonial Pipeline, the Oldsmar water treatment facility, or a New York City office block (in which hackers were able to take control of power, communication, and security systems) have hit the headlines in recent years. The allure draws opportunistic cyber criminals who want to exploit some of the most vulnerable organizations for the most significant impact and to reap the biggest reward.

Defending Critical Infrastructure

The United States has identified critical infrastructure as pivotal to ensuring national and public safety and economic prosperity. The Strategy aims to build confidence in the resilience of critical infrastructure and the essential services citizens rely upon.

To protect the infrastructure sector (and, in turn, citizens) from threats, the Strategy calls for collaboration among owners and operators of infrastructure entities to ensure cybersecurity protections are in place.

This pillar relies on five strategic objectives to ensure success, summarized below.

Establish Cybersecurity Requirements to Support National Security and Public Safety

Foundational in securing critical infrastructure is the establishment of cybersecurity regulations. Leveraging existing systems or working with Congress to establish new governing bodies, the Federal Government will designate cybersecurity requirements to enforce performance-based regulations.

These requirements will be based partly on the Cybersecurity and Infrastructure Security Agency (CISA) Performance Goals and will be agile to ensure adaptability as the threat landscape evolves.

Scale Public-Private Collaboration

Building on a culture of collaboration on cybersecurity goals, CISA will coordinate with Sector Risk Management Agencies (SRMAs) to scale these efforts nationwide. SRMAs are tasked with day-to-day responsibility and sector-specific advisory to build security and resilience within their respective sectors.

The Federal Government will support collaboration between CISA and SRMAs by investing in capabilities and enabling proactive responses to the needs of owners and operators within SRMA jurisdictions. This objective also fosters accelerated operational collaboration with technology solutions and investment by the Federal Government to build out the capabilities of individual groups, bridging gaps between the public and private sectors in tandem.

Integrate Federal Cybersecurity Centers

Ensuring the breakdown of existing or potential silos, the Federal Government will integrate Federal Cybersecurity Centers – individual nodes covering law enforcement, homeland defense, intelligence, and other missions – to ensure unified, whole-of-government coordination.

This objective relies on CISA, SRMAs, and entities such as the Joint Cyber Defense Collaborative (JCDC) and the National Cyber Investigative Joint Task Force (NCIJTF) for coordination to be effective.

Existing models, including the Department of Energy (DOE)’s Energy Threat Analysis Center (ETAC) pilot, the DoD’s Defense Industrial Base Collaborative Information Sharing Environment (DCISE) and the National Security Agency (NSA)’s Cybersecurity Collaboration Center, will support and enhance these efforts.

Update Federal Incident Response Plans and Processes

In most instances, the private sector can mitigate or address cyber risk without Federal involvement. When required, however, the Federal Government is committed to a coordinated and unified response in support.

This objective commits to defining and communicating the relevant government agency contacts for various threats and incidents. Accompanying this list is clear guidance on reaching and requesting support to address incidents, ensuring a smooth workflow and swift response, and outlining what support the Federal Government can and will provide.

Additionally, this objective defines a timeframe in which critical infrastructure entities must report incidents to CISA (within hours). Rapid reporting of incidents will strengthen efforts and the evolution of protective measures nationwide.

Modernize Federal Defenses

Modern threats require modern measures, and this objective ensures technology standardization for the utmost protection. Federal systems will be modernized in line with zero trust principles and to identify threats inside and outside network boundaries.

IT and OT systems will be replaced or updated with secure technology and, where applicable, will migrate to cloud-based services. Upon building a robust standard for Federal networks, ensuring resilience and reliability, this model can and will be emulated across the private sector.

Collaboration Builds Resilience

The National Cybersecurity Strategy defines a big task, and one thing is clear: to keep the nation safe, critical infrastructure and seamless collaboration are of paramount importance.

ITEGRITI has deep experience across critical infrastructure cybersecurity programs, compliance, risk, and audit. Contact us today to learn how we can leverage this experience to help you accomplish your cybersecurity goals.
