US President Biden has signed a new cybersecurity Executive Order with the goal of protecting critical US infrastructure, including power generation, from ransomware and general cyber-attacks. The executive order, coming in the wake of a series of major attacks targeting infrastructure (for example Colonial Pipeline), offers voluntary cybersecurity standard measures for utility companies to adhere to, touching on areas including data encryption and two-factor authentication. This executive order follows President Biden’s recent remarks to the Office of the Director of National Intelligence regarding state-sponsored cyber-attacks: “If we end up in a war … with a major power, it’s going to be as a consequence of a cyberbreach of great consequence.”
Commenting on this move, Tim Mackey, principal security strategist at the Synopsys Cybersecurity Research Centre, said: “In the memorandum, President Biden highlights the importance of both detecting threats, but also having the ability to measure threat activity against cybersecurity performance goals. It instructs the secretary of Homeland Security to issue a preliminary set of goals for providers of critical infrastructure by September 22nd, where those goals relate to threat visibility and indications of threat activity required to respond to any attempted compromise. While this Memorandum relates to critical infrastructure and its associated control systems and operational networks, the focus of the memorandum has applicability to other business segments. Specifically, an assumption should be made that attacks are always possible, and that measuring threat activity requires a baseline from which to distinguish normal from abnormal. Organisations that have performed threat models on their operations, but who haven’t defined processes to monitor for attempts to subvert compensating controls should take this opportunity to update their threat models.”