Cybersecurity Updates
International Liquid Terminals Association
  • Join
News & ResourcesGovernment Affairs Brief

Government Affairs Brief

Advocacy never slows down. This monthly brief is your window into what ILTA is tracking, influencing, and advancing, so you can stay informed on the issues shaping our industry.

Michael Stroud
/ Categories: ILTA News Articles

Cybersecurity Updates

Development Common Baselines for Cybersecurity for Critical Infrastructure Continues

The National Institutes of Standards and Technology (NIST) and the Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) are continuing to coordinate cross-sector Common Baseline goals and objectives for cybersecurity to protect critical infrastructure. This cross-sector process started in response to several high-profile cyber hacking incidents of critical infrastructure. As a result, the Biden Administration issued the 2021 National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. The National Security Memorandum established a working group with the U.S. Departments of Commerce, Homeland Security, and the National Institute of Technology and Standards (NIST). The overall goal was to establish common baseline objectives and performance standards to increase cybersecurity preparedness, response, and resilience for cyber incidents.

In July 2021, U.S. Department of Homeland Security, working through CISA and NIST were tasked with developing the preliminary cybersecurity performance goals that will drive adoption of effective practices and controls. CISA and NIST identified nine categories of recommended cybersecurity practices and used these categories as the foundation for preliminary control system cybersecurity performance goals. Each of the nine goals includes specific objectives that support the deployment and operation of secure control systems that are further organized into baseline and enhanced objectives.  These goals represent high-level cybersecurity best practices.  They are:

Risk Management and Cybersecurity Governance

Architecture and Design

Configuration and Change Management

Physical Security

System and Data Integrity, Availability, and Confidentiality

Continuous Monitoring and Vulnerability Management

Training and Awareness

Incident Response and Recovery

Supply Chain Risk Management

DHS CISA and NIST have held a series of outreach meetings, which ILTA staff have attended. As the outreach process closes, the CISA and NIST Working Group has set a deadline of August 10, 2022, for submission of feedback and has asked for the Sector Risk Management Agencies (SRMA) to consolidate all input and feedback into a single submission. To allow for compilation of feedback, CISA and NIST requested that ILTA Members please submit your comments in the attached comment form to Michael Stroud, with ILTA, no later than Wednesday, August 3rd. Please let Michael Stroud know if you have any questions.

Previous Article Registration Now Open for Fall 2022 EHSS Committee Meetings
Next Article Safety Awards
Print
735 Rate this article:
No rating

Documents to download

Please login or register to post comments.
International Liquid Terminals Association
  • Join