White House says critical infrastructure firms must shape up on cybersecurity

News
By published

Securing US critical infrastructure “requires a whole of nation effort”

White House
(Image credit: David Everett Strickler / Unsplash)

Energy providers and other critical infrastructure companies in the US must do more to improve their cyber defenses as additional regulations could be just around the corner according to the White House.

US President Joe Biden has also signed a national security memorandum dedicated to improving cybersecurity for critical infrastructure control systems and the US government provided further details on the importance of doing so in a press release, saying:

“The cybersecurity threats posed to the systems that control and operate the critical infrastructure on which we all depend are among the most significant and growing issues confronting our Nation. The degradation, destruction, or malfunction of systems that control this infrastructure could cause significant harm to the national and economic security of the United States.”

Performance controls

As reported by Reuters, the President's latest memorandum will also see the launch of a new public-private initiative that creates “performance controls” when it comes to cybersecurity at water treatment facilities, electric power plants and other critical infrastructure companies in the US.

While these recommendations are voluntary, the Biden administration hopes they will encourage companies to improve their cybersecurity posture ahead of other policy efforts according to a senior administration official that spoke with the news outlet.

A number of high profile cyberattacks have shown the US government and its citizens just how disruptive malware, ransomware and other similar attacks can be to the country's critical infrastructure. Most notably the Colonial Pipeline, which runs through 12 states, was taken offline for several days following an attack believed to be launched by the DarkSide ransomware group back in May.

The senior administration official also explained to Reuters that a lack of cybersecurity requirements is what made the country's critical infrastructure so vulnerable in the first place, saying:

"These are the thresholds that we expect responsible owners and operators to go. The absence of mandated cybersecurity requirements for critical infrastructure is what in many ways has brought us to the level of vulnerability that we have today. The federal government cannot do this alone. Almost 90% of critical infrastructure is owned and operated by the private sector. Securing it requires a whole of nation effort."

Via Reuters

Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Read more
Digital US flag
Biden orders review, new rules governing US national cybersecurity
healthcare
US government wants to toughen up cybersecurity rules for healthcare organizations
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Fortifying the UK’s energy sector: The cybersecurity imperative in an AI-driven future
US President Donald Trump speaks to the press as he signs an executive order to create a US sovereign wealth fund, in the Oval Office of the White House on February 3, 2025, in Washington, DC.
US set to pause cyber-offensive operations against Russia - but CISA says it won't stop
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
UK Government launches ransomware protection proposals
Latest in Security
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
Insecure network with several red platforms connected through glowing data lines and a black hat hacker symbol
Multiple H3C Magic routers hit by critical severity remote command injection, with no fix in sight
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Lock on Laptop Screen
Medusa ransomware is able to disable anti-malware tools, so be on your guard
An abstract image of digital security.
Fake file converters are stealing info, pushing ransomware, FBI warns
Latest in News
Samsung Galaxy S25 from the front
The Now Bar on Samsung One UI 7 is about to get a lot more useful – and could soon match Live Activities on iOS
Netflix Ads
Netflix adds HDR10+ support – great news for Samsung TV owners, but don't expect LG and Sony to do the same any time soon
FiiO FX17 IEMs
Our favorite budget audiophile brand unveils wired earbuds with 26(!) drivers, electrostatic units, USB-C ultra-Hi-Res Audio, and a not-so-budget price
Nvidia RTX 5080 against a yellow TechRadar background
RTX 5080 24GB version teased by MSI - is it time to admit that 16GB isn't enough for 4K?
A close up of the PlayStation symbol at the top of a PS5 Slim console with a white brick background
Sony has dropped a new PS5 update, improving activities and adding more emoji support
girl using laptop hoping for good luck with her fingers crossed
Windows 11 24H2 seems to be a massive fail – so Microsoft apparently working on 25H2 fills me with hope... and fear
More about security
Code Skull

Interpol operation arrests 300 suspects linked to African cybercrime rings
An abstract image of a lock against a digital background, denoting cybersecurity.

Critical security flaw in Next.js could spell big trouble for JavaScript users
Samsung Galaxy S25 from the front

The Now Bar on Samsung One UI 7 is about to get a lot more useful – and could soon match Live Activities on iOS
See more latest
Most Popular
Samsung Galaxy S25 from the front
The Now Bar on Samsung One UI 7 is about to get a lot more useful – and could soon match Live Activities on iOS
A close up of the PlayStation symbol at the top of a PS5 Slim console with a white brick background
Sony has dropped a new PS5 update, improving activities and adding more emoji support
Netflix Ads
Netflix adds HDR10+ support – great news for Samsung TV owners, but don't expect LG and Sony to do the same any time soon
Nvidia RTX 5080 against a yellow TechRadar background
RTX 5080 24GB version teased by MSI - is it time to admit that 16GB isn't enough for 4K?
Google Pixel 9a being held, from the back
The Google Pixel 9a’s mysterious delay may have just been explained
Nintendo Sound Clock: Alarmo
Nintendo Sound Clock: Alarmo gets new update with more customizable features ahead of the Switch 2 Direct
Code Skull
Interpol operation arrests 300 suspects linked to African cybercrime rings
FiiO FX17 IEMs
Our favorite budget audiophile brand unveils wired earbuds with 26(!) drivers, electrostatic units, USB-C ultra-Hi-Res Audio, and a not-so-budget price
An abstract image of a lock against a digital background, denoting cybersecurity.
Critical security flaw in Next.js could spell big trouble for JavaScript users
girl using laptop hoping for good luck with her fingers crossed
Windows 11 24H2 seems to be a massive fail – so Microsoft apparently working on 25H2 fills me with hope... and fear