The Biden administration plans to launch a process to review and revise U.S. critical infrastructure protection policy, including providing guidance to agencies on designating certain critical infrastructure (CI) as “systemically important.” […]

The National Institute of Standards and Technology (NIST) plans to create a cybersecurity practice guide for the water and wastewater utilities sector, according to an announcement published last week. […]

Improving the cybersecurity of the water critical infrastructure sector, K-12 schools, and healthcare sector are among the top priorities for the Cybersecurity and Infrastructure Security Agency (CISA), agency Director Jen Easterly said today during Mandiant’s mWISE conference in Washington. […]

A Federal advisory committee this week approved a set of recommendations to help the Cybersecurity and Infrastructure Security Agency (CISA) protect critical infrastructure, even as the panel criticized some of the government’s current efforts to do so as unfocused and lacking clear national goals. […]

As the Russian invasion of Ukraine continues through its second month with no let-up in sight, Federal cybersecurity and law enforcement officials are warning that they still see indications of potential Russian cyberattacks on United States critical infrastructure, and are reiterating their “Shields Up” warning to meet those potential threats. […]

As the Russian government explores its options for potential cyberattacks on United States critical infrastructure, witnesses today urged members of the House Committee on Homeland Security to increase collaboration and information sharing efforts with industry stakeholders. […]

The late-day warning on Monday from President Biden and White House national security officials that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure targets appeared to turn many heads in the Federal cybersecurity community that is by now long-used to receiving and generating cybersecurity advisories. […]

The White House issued a call to action today to critical infrastructure (CI) companies to strengthen their cyber defenses, based on evolving threat intelligence that the Russian government is exploring options for potential cyberattacks on U.S. critical infrastructure. […]

The Consolidated Appropriations Act of 2022 (H.R. 2471), introduced by Rep. Rosa DeLauro, D-Conn., would fund the Federal government through the end of fiscal year (FY) 2022 and includes language on cyber incident reporting for critical infrastructure (CI) requirements. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) National Risk Management Center (NRMC) is preparing for a change in leadership, as founding member Bob Kolasky prepares to leave CISA for the private sector. […]

Rep. Jim Langevin, D-R.I., said he is eyeing a universe of about 100 private sector firms that he considers to be “systemically important” critical infrastructure providers as he completes work on legislation that will call for closer collaboration between the Federal government and those companies on cybersecurity and related intelligence sharing. […]

While a good bit of the focus on the conferenced version of the fiscal year (FY) 2022 National Defense Authorization Act has centered around the lack of incident reporting and other legislative items that were cut from the bill, the defense spending bill that passed the House of Representatives last week continues to retain a variety of important cybersecurity and tech-related provisions. […]

The Biden-Harris administration has unveiled its space priority framework, which gives an overview of how the administration plans to develop and implement national space policy and strategy going forward, including protecting space-related critical infrastructure and strengthening the security of the nation’ space industrial base. […]

With an estimated 85 percent of the nation’s critical infrastructure controlled by private entities – and with many of those failing to practice basic cyber hygiene – witnesses told House lawmakers at a November 4 hearing that the time may be ripe for mandatory cyber incident reporting requirements for critical infrastructure operators. […]

The Intelligence and National Security Alliance – a trade group for the intel and national security communities – is arguing in a new white paper that United States space systems should be classified by the Federal government as critical infrastructure. […]

Legislative and Federal policy efforts are coming together to focus on protecting the top-most tiers of critical infrastructure in the United States, top officials from the House and the Cybersecurity and Infrastructure Security Agency (CISA) agreed today.  […]

With attacks on critical infrastructure increasing, Rep. Jim Langevin, D-R.I., chairman of the House Armed Services Subcommittee on Cyber, Innovative Technologies, and Information Systems, is calling for improved security of critical systems and increased cybersecurity collaboration among the private and public sector. […]

Senate negotiators have reached a deal on the legislative language for the $1.2 trillion Bipartisan Infrastructure package, the White House announced today, and a vote could come as soon as tonight. […]

The White House released a National Security Memorandum (NSM) today containing a new set of actions aimed to strengthen cybersecurity efforts to protect United States critical infrastructure amid the growing number of cyber threats and cyberattacks. […]

Ransomware has rocketed to the top of the Biden administration’s agenda as cyberattacks launched from the soil of U.S. adversaries have started to bite into key critical infrastructure. […]

Congressman Ted W. Lieu, D-Ca., and Congressman Ken Calvert, R-Ca., introduced the Space Infrastructure Act on June 4. This bill directs the Secretary of the Department of Homeland Security (DHS) to designate space systems, services, and technology as a critical infrastructure sector. […]

The continued flurry of high-profile ransomware attacks on critical infrastructure targets in the United States is climbing the ladder of presidential priorities – with President Biden saying it’s on the agenda for his summit with Russian President Vladimir Putin later this month, and White House officials confirming that cryptocurrency will be part of a new examination of global corruption. […]

President Trump’s National Infrastructure Advisory Council (NIAC) released recommendations and an implementation plan in a Dec. 10 report to the President for the creation of a Critical Infrastructure Command Center (CICC) that would be pair government and private sector experts to improve cybersecurity for critical infrastructure sectors. […]

The answer to that question, according to the latest memo on essential critical infrastructure form the Cybersecurity and Infrastructure Security Agency (CISA), turns out to be a lot.   […]

The Cybersecurity and Infrastructure Security Agency (CISA) on March 19 issued a list of 16 sectors – including information technology – that it considers essential during Federal, state, and local government responses to the COVID-19 coronavirus pandemic. […]

The National Institute of Standards and Technology (NIST) is seeking comments through May 4 on a draft revision of NISTIR 8183, the Cybersecurity Framework Manufacturing Profile, that includes subcategory enhancements established in the agency’s Framework for Improving Critical Infrastructure Cybersecurity, Version 1.1.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) announced the kick-off of its annual Infrastructure and Security and Resilience Month running through the end of November. […]

The Government Accountability Office (GAO) identified in a new report several cybersecurity risks to the U.S. electric grid and called upon the Department of Energy (DoE) to develop an improved Federal strategy to protect against cyber threats to the grid. […]

The Government Accountability Office (GAO) recommended that the Transportation Security Administration (TSA) revise its pipeline security, cybersecurity guidelines, and risk assessment methodology, and build a more robust cybersecurity workforce to enhance its pipeline security program. […]

The Department of Homeland Security (DHS) and its Cybersecurity and Infrastructure Security Agency (CISA) released a list of 55 “national critical functions” today, signaling a shift from protecting specific critical infrastructure sectors to protecting specific activities that are crucial to the country. […]