The US Cybersecurity plan is on top of the priorities of President Joe Biden. Of course, it was on top of former presidents as well, from Clinton to Trump. But now things are different: the impact on critical infrastructure and the increase in scale and magnitude of cyberattacks moved the Biden administration towards new, bold and necessary steps to contain the threat.
But what are the main steps taken and how is the Biden administration moving towards improving cybersecurity in the USA?
The urgency of critical infrastructure defense
Picture a factory that stops on its tracks because of ransomware. Access to the automated production line is cut, and information on parents and blueprints is stolen and/or lost. Bad enough for any industrial supplier, of course.
Now, imagine this factory is responsible for the US military jet fighters. What are the consequences of this attack, to both that factory but for the country’s military defense?
Financial losses on private corporations are nothing new in the cyberattack world. However, criminals have shifted their focus from corporations to governments and the critical infrastructure they manage or depend on. These provide essential services and raise the stakes for cybercrime. The equation is simple:
Highest disruption + higher number of lives impacted = higher ransom payments.
When asked why he paid $4.4 million in ransom on the recent Colonial Pipeline ransomware attack, CEO Joseph Blount replied: “It was the right thing to do for the country.” That’s what concerns Joe Biden, just as it should concern every country leader.
How serious is the Biden administration about cybersecurity?
Before we go into details of all the steps President Joe Biden has taken to improve the US government cyber defense, let’s go back to 2013, during the Obama administration.
The Presidential Policy Directive – PPD21 was established on February 12, 2013, and listed the 16 Critical Infrastructure Sectors. Each one of these made the list for being a sector that if disrupted “would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.”
Even at a time when Joe Biden was only the vice-president and attacks on critical infrastructure were not a hot topic, the concern was there, and it’s the foundation of the US cybersecurity policies and actions today.
Going back to 2021, what are the main steps that the Joe Biden administration took to make the US more resilient to cybercrime?
Policies: The Executive Order signed by Joe Biden to improve cybersecurity
In May 2021, Joe Biden signed an executive order, aiming to raise government cybersecurity standards and increase cyber attack defense. One of the main points of the executive order is the implementation of the Incident Review Board, to analyze cyberattacks, much like it’s done with airline accidents. That is a proactive shift, to try and understand the vulnerabilities of the 16 critical infrastructures and build defenses on top of data and intelligence.
The other important points of the order include new vendor standards, encryption requirements, and zero trust architecture. See the video below for details:
Investigative power: ransomware = terrorism
Following in the footsteps of the Executive Order signed by Joe Biden, the US Justice Department elevated ransomware investigations to a status similar to terrorism. That change happens mainly to elevate the status of such attacks and generate more serious accountability.
However, another important takeaway from this decision is in investigating the entire chain of a cyberattack. Many criminal groups operate from foreign countries, mainly Russia, and with the escalation from common crime to terrorism, the FBI can work more efficiently on going up the chain.
Grassroots: empowering businesses from the ground up
One of the most vulnerable parts of the critical infrastructure is businesses. Being so, one of the action points of the Biden administration was improving the cyber awareness of American organizations. This movement started with an open letter from the White House to give directions for improved cyber defense. The letter includes tips on separating business and production systems, for example.
Since there’s no government control of these endpoints and systems, but considering they are part of the bigger critical infrastructure. The next steps of the Biden administration will include incorporating them in the country’s cybersecurity umbrella, with the same guidelines and compliance policies.
What’s next for Joe Biden and the US cybersecurity?
It’s safe to say that Joe Biden will work on cybersecurity at home and beyond the US borders. Everything we mentioned in this article is proof of the first. As for the second, it’s worth mentioning meetings with other leaders, to communicate the strategy and stimulate mutual cooperation.
In an example of this movement, the US president had a meeting with Russian President Vladimir Putin, where he claimed that “certain cyberattacks should be off-limits,” a clear reference to a partnership between the two nations to mitigate these intrusions. Not only that, a mention to the fact that omissions won’t be tolerated.
Since the US is a strong reference, it’s worth following the next steps of these policies and action plans. By doing so, we can learn the actual impact of cybersecurity on critical infrastructure.
