The Biden administration has signed a national security memorandum updating the US government’s strategy for safeguarding critical infrastructure from cyber attacks, terrorism, and natural disasters. The memo provides new guidelines for federal agencies, private companies, and state and local governments to enhance the security of essential facilities such as hospitals, power plants, water facilities, and schools.
The updated directive addresses the growing threats posed by foreign hackers, cyber criminals, extremist groups, and climate change. It aims to strengthen the role of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) in protecting infrastructure, improve collaboration with the private sector through enhanced information sharing, and establish minimum cybersecurity requirements for sectors lacking them.
This regulatory shift marks a departure from past reliance on voluntary partnerships, with new cybersecurity rules already enforced in industries such as aviation, pipelines, railroads, maritime, and medical devices. The administration plans to expand these rules to other sectors with the help of Sector Risk Management Agencies (SRMAs) tasked with assessing vulnerabilities and crafting new regulations where needed.
Overall, the memorandum seeks to establish baseline security standards for critical infrastructure sectors to ensure the continuity of essential services and safeguard democracy in the face of evolving threats.