On July 28, 2021, President Joe Biden signed a National Security Memorandum on improving critical infrastructure cybersecurity.[1] The memorandum aims to encourage critical infrastructure owners and operators to voluntarily adopt better cybersecurity standards. The memorandum specifically focuses on industrial control systems (ICS), which monitor, regulate, and automate operational technologies (OT). Compromised ICS and OT can enable attackers to cause physical damage to systems and even widespread outages.
The memorandum formalizes the ICS Cybersecurity Initiative, which was launched in April 2021 and included a pilot program for the electricity sector. The pilot program is a voluntary, collaborative effort between the federal government and the electricity sector to improve the cybersecurity of these systems. So far, more than 150 utility companies have joined the pilot. A separate pilot is being developed for natural gas pipelines later in 2021, followed by plans for the chemical industry and waste-water treatment plants. The memorandum also directs the Departments of Commerce and Homeland Security (DHS), in coordination with the Secretary of Commerce (through the Director of the National Institute of Standards and Technology) and other agencies, to develop and issue cybersecurity performance goals to help critical infrastructure owners and operators improve their individual capabilities.
[1] https://www.whitehouse.gov/briefing-room/statements-releases/2021/07/28/national-security-memorandum-on-improving-cybersecurity-for-critical-infrastructure-control-systems/