President Joe Biden signed an executive national security memorandum on Wednesday calling for the development of new critical infrastructure cybersecurity standards for various industries. The U.S. Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology will develop the standards, and compliance will be voluntary – at least initially.
Having CISA and NIST create cybersecurity standards that multiple industries can adopt is long overdue, says Phil Reitinger, the president and CEO of the Global Cyber Alliance.
“We’ve all known for a long time that the cybersecurity defenses imposed by critical infrastructure are not sufficient, and we must do more,” says Reitinger, who formerly served as the director of the National Cyber Security Center within DHS. “This order extends the pioneering work done on the Cybersecurity Framework and directs CISA to set cybersecurity performance goals for critical infrastructure. This step was also included in the executive order that established the Cybersecurity Framework, but the new requirement suggests that CISA will issue a more detailed set of requirements that are essential.”
Read the rest of the article at Bank Info Security.