A Plan to Protect Critical Infrastructure from 21st Century Threats

On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and all-hazard threats.
NSM-22 recognizes the changed risk landscape over the past decade and leverages the enhanced authorities of federal departments and agencies to implement a new risk management cycle that prioritizes collaborating with partners to identify and mitigate sector, cross-sector, and nationally significant risk.
The culmination of this cycle is the creation of the 2025 National Infrastructure Risk Management Plan-updating and replacing the 2013 National Infrastructure Protection Plan-and will guide federal efforts to secure and protect critical infrastructure over the coming years.
As the National Coordinator for critical infrastructure security and resilience, the Cybersecurity and Infrastructure Security Agency will develop this National Plan to be forward-looking and employ all available federal tools, resources, and authorities to manage and reduce national-level risks, including those cascading across critical infrastructure sectors.
CISA will look to its partners to help us and the other Sector Risk Management Agencies over the course of the year as we develop this foundational document.
Building off the priorities of NSM-22, the 2025 National Plan will articulate how the U.S. government will collaborate with partners to identify and manage national risk.
Over that same decade, Congress and successive administrations have established new agencies, authorities, and collaborative partnerships that empower a whole-of-society approach to national risk management.
NSM-22 details a new risk management cycle that requires SRMAs to identify, assess, and prioritize risk within their respective sectors and develop sector risk management plans to address those risks.
With these risk assessments and risk management plans, CISA will identify and prioritize systemic, cross-sector, and nationally significant risk through a cross-sector risk assessment.
This assessment will enable CISA to prioritize systemic risk reduction efforts-detailed in the National Plan-that the U.S. government will take in collaboration with relevant federal, state and local, private, and international partners.
Most importantly, the National Plan will recognize that the U.S. government cannot make all critical infrastructure immune from all threats and hazards.
Rather, it will detail U.S. government efforts to make critical infrastructure resilient against prioritized risks based on the 16 sector's risk assessments and CISA's cross-sector risk assessments.
All the while, CISA and other federal partners will work closely with SRMAs to manage their unique sector risks.
This will be a fundamentally new approach to U.S. government risk management.
The increasing interconnectivity of critical infrastructure systems, reliance upon global technologies and supply chains, and geopolitical tensions make these systems susceptible to a myriad of threats.
Addressing these risks will require a coordinated national effort by federal agencies; State, Local, Tribal, and Territorial governments, infrastructure owners and operators, and other stakeholders across the critical infrastructure community.
As those responsible for the security and resilience of U.S. critical infrastructure, we must collectively address emergent risks and an uncertain future while remaining vigilant against longstanding threats like terrorism, natural disasters, and targeted violence.
Trusted, sustained, and effective partnerships between the federal government and private-sector and SLTT partners is the foundation of our collective effort to protect the nation's critical infrastructure.
We ask that you work with your respective SRMAs through the development of your sector risk assessments and sector risk management plans, as these will be core inputs into the National Plan.
These inputs will be invaluable as we develop a plan that allows the U.S. government to better prioritize our risk mitigation efforts and reduce risk for the critical infrastructure that underpin American society.


This Cyber News was published on www.cisa.gov. Publication date: Wed, 29 May 2024 21:13:07 +0000


Cyber News related to A Plan to Protect Critical Infrastructure from 21st Century Threats

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
A Plan to Protect Critical Infrastructure from 21st Century Threats - On April 30th, the White House released National Security Memorandum-22 on Critical Infrastructure Security and Resilience, which updates national policy on how the U.S. government protects and secures critical infrastructure from cyber and ...
6 months ago Cisa.gov
Incident Response Plan: How to Build, Examples, Template - A strong incident response plan - guidance that dictates what to do in the event of a security incident - is vital to ensure organizations can recover from an attack or other cybersecurity event and minimize potential disruption to company ...
10 months ago Techtarget.com
The Evolution of Cyber Threats: Past, Present, and Future - Cyber threats have evolved significantly over time, posing increasing risks to individuals, organizations, and governments in our interconnected world. Let's explore the past, present, and future of cyber threats to better understand how to protect ...
10 months ago Securityzap.com
What CIRCIA Means for Critical Infrastructure Providers and How Breach and Attack Simulation Can Help - Cyber Defense Magazine - To prepare themselves for future attacks, organizations can utilize BAS to simulate real-world attacks against their security ecosystem, recreating attack scenarios specific to their critical infrastructure sector and function within that sector, ...
2 months ago Cyberdefensemagazine.com
Information-blocking rule in 21st Century Cures Act redefines data exchange in healthcare - A Verato survey offers perspectives on the data management strategies of healthcare executives, highlighting the crucial role of Healthcare Master Data Management in addressing key gaps, facilitating seamless data exchange, and aligning with the ...
1 year ago Helpnetsecurity.com
Cybersecurity Crisis Management: Best Practices for Business Continuity - In the current security environment, cyber threats present an ever-increasing challenge for business organizations. To remain competitive, enterprises must implement strategies and protocols to manage cybersecurity crises and ensure business ...
1 year ago Tripwire.com
Strategy, Harmony & Research: Triaging Priorities for OT Cybersecurity - The mission of the Cybersecurity and Infrastructure Security Agency is to lead the national effort to understand, manage, and reduce risk to the cyber and physical infrastructure that Americans rely on every hour of every day. CISA is not responsible ...
1 year ago Darkreading.com
Week in review: Terrapin SSH attack, Mr. Cooper breach - Creating a formula for effective vulnerability prioritizationIn this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. EMBA: Open-source ...
11 months ago Helpnetsecurity.com
In the Trenches of Broadband Policy: 2023 Year In Review - Lawmakers recognized this during the pandemic and set in motion once-in-a-generation opportunities to build the future-proof fiber infrastructure needed to close the digital divide once and for all. Monopolistic internet service providers, with ...
11 months ago Eff.org
Opening Statement by CISA Director Jen Easterly - Chairman Gallagher, Ranking Member Krishnamoorthi, Members of the Committee, thank you for the opportunity to testify on CISA's efforts to protect the Nation from the preeminent cyber threat posed by the People's Republic of China. As America's ...
10 months ago Cisa.gov
Cybersecurity Trends: Shaping the Future Landscape - Embark on a journey through the ever-evolving landscape of cybersecurity, where hidden threats and silent breaches shape the digital realm. AI is transforming the cybersecurity landscape by enhancing threat detection and mitigation, ushering in a ...
9 months ago Securityzap.com
How To Deploy HYAS Protect - HYAS Protect is an intelligent, cloud-based protective DNS solution that proactively detects and blocks communication with command and control infrastructure used in malware attacks. HYAS Protect also blocks communication with a host of other ...
7 months ago Securityboulevard.com
Cybersecurity Risk Management: Top 20 essential Long-Tail Keywords - Cybersecurity risk management is essential for protecting any organization from malicious actors on the internet. In the digital age, all businesses need to understand the risks and take steps to defend themselves from cyber threats. Cybersecurity ...
1 year ago Heimdalsecurity.com
Attacks on critical infrastructure are harbingers of war: Are we prepared? - Recent attacks on several water authorities, such as Aliquippa and St. Johns River, are putting a new spotlight on the need to protect critical infrastructure. In war, to bring a nation to its knees, attacks against power and water inflict the most ...
11 months ago Scmagazine.com
Crafting an Effective Cyber Attack Response Plan: A Comprehensive Guide - In an era dominated by digital advancements, businesses and organizations face an ever-growing threat from cyber attacks. The importance of having a robust cyber attack response plan cannot be overstated. A well-crafted plan not only helps mitigate ...
11 months ago Cybersecurity-insiders.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
11 months ago Cybersecurity-insiders.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
11 months ago Cybersecurity-insiders.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
11 months ago Cybersecurity-insiders.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
11 months ago Cybersecurity-insiders.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
11 months ago Cybersecurity-insiders.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
11 months ago Cybersecurity-insiders.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
11 months ago Cybersecurity-insiders.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
11 months ago Cybersecurity-insiders.com
Critical infrastructure in the crosshairs: Examining the threats facing service providers in the U.S. - Critical infrastructure is facing a wave of cyberattacks, posing a severe threat to essential services across the United States and globally. The scale and frequency of these attacks have elevated defending infrastructure to a national priority, as ...
11 months ago Cybersecurity-insiders.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)