U.S. Administration pursues urgent cyber support for water facilities and healthcare sectors
In a keynote speech at Auburn University's McCrary Institute, National Cyber Director Harry Coker Jr. outlined the administration's plans to enhance cybersecurity in key sectors, including healthcare and water utilities.
Coker emphasized the need for federal investments in cybersecurity technology and workforce development, particularly for these sectors. He also highlighted the importance of public-private partnerships to enhance information sharing between government agencies and utility operators, including water systems.
To combat ransomware, the administration is strengthening the FBI and CISA's capabilities to investigate and disrupt ransomware groups. They are also encouraging organizations to adopt proactive cybersecurity hygiene and incident response plans.
Coker also mentioned the need to better understand open source security risks. In response, the Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology are assessing the feasibility of a security risk assessment center for open source software.
Recent threats to the nation's critical infrastructure, such as the Lapsus$ ransomware group recruiting teens to infiltrate organizations, have necessitated additional measures. The administration is taking new actions to strengthen key critical infrastructure sectors, including a first-ever cyber grant for water utilities worth $25 million.
The Department of Health and Human Services has been dealing with a series of catastrophic cyberattacks impacting patient care and access to medications. In response, the department will implement a cybersecurity strategy for the healthcare sector, including raising baseline standards for hospitals and seeking additional aid for small, rural, and critical care facilities.
The proposed Biden budget includes $12 million for additional cybersecurity capacity at HHS and $25 million for additional sector risk management agency capacity. The Environmental Protection Agency will provide more technical assistance for public water systems.
The administration's efforts also include plans to deter juveniles from cybercrime, as recommended by the Cyber Safety Review Board. This includes developing a program to discourage young people from engaging in such activities.
The administration's report on the nation's cyber readiness, unveiled two weeks ago, underscores the ongoing need to boost resilience and strengthen sector management in the face of ongoing threats. The administration's plans to improve the resilience of additional sectors are yet to be detailed.
For the specific measures and details discussed in Coker’s keynote, please refer to Auburn University’s official release or a transcript of the event for the detailed outline.
- The administration is encouraging organizations in key sectors like healthcare and water utilities to adopt proactive cybersecurity measures, such as implementing incident response plans and adopting proactive cybersecurity hygiene, to combat threats like ransomware.
- In response to the need for a better understanding of open source security risks, the Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology are assessing the feasibility of a security risk assessment center for open source software.
- Recognizing the recruitment of teens by ransomware groups as a new threat to the nation's critical infrastructure, the administration is planning to deter juveniles from cybercrime by developing a program to discourage young people from engaging in such activities.
