White House plans order on industrial control systems
- By Adam Mazmanian
- Apr 08, 2021
The Biden administration plans a separate executive order focused on industrial control systems that operate utilities such as water treatment and energy delivery as part of an overall effort to improve the nation's cybersecurity.
The move tracks with a planned sprint on industrial control systems scheduled for this summer by the Department of Homeland Security.
"We picked control systems because those are the systems that control water systems, power systems, chemical systems, across the U.S. And we're seeking to have visibility on those networks to detect anomalous cyber behavior and block anomalous cyber behavior," Anne Neuberger, the cybersecurity lead on the National Security Council, said at an April 8 online event hosted by the Council on Foreign Relations.
"Today, we cannot trust those systems because we don't have the visibility into those systems," Neuberger said. "And we need the visibility of those systems because of the significant consequences if they fail, or if they're degraded. So that's the threshold of success we seek from a cyber perspective, and there are many efforts that we'll need to do to get there."
The push on industrial control systems cybersecurity comes in the wake of a breach into a water system in Oldmar, Fla. that could have had fatal consequences if it had gone undetected. Currently, attacks on computer controlled infrastructure are handled in a sector-specific way, with no one entity or agency having an overall view into industry control system cybersecurity.
But the effort is also linked to the Biden administration's effort, expected to come in a separate executive order, to leverage the procurement power of the federal government as a forcing mechanism to induce vendors to be more transparent about the security of private sector software products.
Neuberger said the content of the orders will be "aggressive, but achievable" and allow the government to " fundamentally make progress on issues that we've kicked the can down the road on for a long time."
Neuberger also went into some detail about the persistence of the SolarWinds intrusion, and suggested that the hack wasn't only about spying, and could support "disruption or degradation as well as intelligence collection."
Adam Mazmanian is executive editor of FCW.
Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.
Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.