Infrastructure Council Presses White House on Cybersecurity

NIAC Says Drills and Exercises Are Needed to Enhance Cybersecurity
NIAC cover

[Stay on top of transportation news: Get TTNews in your inbox.]

At a meeting this month of the National Infrastructure Advisory Council, the group proposed a need for drills and exercises designed to enhance cybersecurity.

According to background information the White House provided March 17, such work would “improve incident response across interdependent infrastructure sectors and supply chains.”

The group remains focused on identifying “barriers to collaboration between critical infrastructure sectors on matters of security and resilience,” per the White House.

The council, consisting of public and private sector executives, is tasked with advising the White House on programs meant to reduce physical and cyber risks to critical infrastructure systems nationwide. The council recently recommended the White House pursue efforts that would harmonize standards governing private sector activities, enhance the coordination of local, state and federal government agencies, and amplify the timeliness and transparency of certain threat information.

In a report issued this month, the council indicated that it “concludes that standards governing the security and resilience of critical infrastructure assets should be mandatory.”

“The [National Infrastructure Advisory Council] acknowledges that standards need to be developed with industry input, but standards should ultimately be mandatory when they deal with security vulnerabilities that could impact the provision of critical infrastructure across sectors,” per a draft of the report titled, “Cross-Sector Collaboration to Protect Critical Infrastructure: Barriers and Recommendations for Improvement.”

The report “also explains why such standards should be outcome-based. Outcome-based standards identify what needs to be addressed to ensure cross-sector physical and cybersecurity while leaving the how … to the providers themselves.”

The council went on to conclude that it “urges the president to consider these recommendations for immediate and long-term implementation to improve the nation’s critical infrastructure resilience and security through increasingly essential collaboration across sectors.”

In recent years, the council has recommended various improvements to intelligence information sharing, as well as identifying and reducing complex cyber risks. Freight operations associated with the transport of commodities and hazardous materials still require such scrutiny.

The Biden administration recently reaffirmed its commitment to ensure the security of supply chain hubs and programs essential to the economy. Advancing programs that improve cybersecurity across commercial transportation corridors is a priority for a White House focused on the implementation of a $1.2 trillion infrastructure law. Funds targeting cybersecurity authorized in 2021’s Infrastructure Investment and Jobs Act have potential for enhancing operations across freight sectors, the measure’s proponents argue.

Congressional funding leaders are debating fiscal 2024 budget proposals from the White House, which seek to increase funding for certain cybersecurity operations associated with transportation modes.

In recent years, cyberattacks that disrupted the flow of freight as well as petroleum products were examined by policymakers on Capitol Hill.

Want more news? Listen to today's daily briefing above or go here for more info

After a disruptive cyberattack in 2021 on Colonial Pipeline’s petroleum transport operations, Senate Commerce Committee Chairwoman Maria Cantwell (D-Wash.) warned that such cyberattacks have the capability of shutting down infrastructure programs and marketplace sectors.

Soon after the Colonial Pipeline incident, the senator said, “The federal government should be part of the solution. We need to bring about critical infrastructure investments in technology that can help the electricity grid and companies secure their networks from these kinds of intrusions.”