Cybersecurity Updates
International Liquid Terminals Association
  • Join

Newsletter

A respected industry publication for ILTA members, this monthly newsletter highlights legislative and regulatory activities affecting terminal facilities. It also provides news on recent business development within the terminal industry, including new construction, expansions, acquisitions and additions to ILTA's membership, as well as important information about ILTA's committee meetings, conferences and training events. ILTA also offers ILTA News Plus to members. This publication, sent on weeks that ILTA News is not published, aggregates industry and member news.

Not a member? Join ILTA today and stay up-to-date withILTA News and ILTA News Plus.
Michael Stroud
/ Categories: ILTA News Articles

Cybersecurity Updates

Development Common Baselines for Cybersecurity for Critical Infrastructure Continues

The National Institutes of Standards and Technology (NIST) and the Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) are continuing to coordinate cross-sector Common Baseline goals and objectives for cybersecurity to protect critical infrastructure. This cross-sector process started in response to several high-profile cyber hacking incidents of critical infrastructure. As a result, the Biden Administration issued the 2021 National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems. The National Security Memorandum established a working group with the U.S. Departments of Commerce, Homeland Security, and the National Institute of Technology and Standards (NIST). The overall goal was to establish common baseline objectives and performance standards to increase cybersecurity preparedness, response, and resilience for cyber incidents.

In July 2021, U.S. Department of Homeland Security, working through CISA and NIST were tasked with developing the preliminary cybersecurity performance goals that will drive adoption of effective practices and controls. CISA and NIST identified nine categories of recommended cybersecurity practices and used these categories as the foundation for preliminary control system cybersecurity performance goals. Each of the nine goals includes specific objectives that support the deployment and operation of secure control systems that are further organized into baseline and enhanced objectives.  These goals represent high-level cybersecurity best practices.  They are:

Risk Management and Cybersecurity Governance

Architecture and Design

Configuration and Change Management

Physical Security

System and Data Integrity, Availability, and Confidentiality

Continuous Monitoring and Vulnerability Management

Training and Awareness

Incident Response and Recovery

Supply Chain Risk Management

DHS CISA and NIST have held a series of outreach meetings, which ILTA staff have attended. As the outreach process closes, the CISA and NIST Working Group has set a deadline of August 10, 2022, for submission of feedback and has asked for the Sector Risk Management Agencies (SRMA) to consolidate all input and feedback into a single submission. To allow for compilation of feedback, CISA and NIST requested that ILTA Members please submit your comments in the attached comment form to Michael Stroud, with ILTA, no later than Wednesday, August 3rd. Please let Michael Stroud know if you have any questions.

Previous Article Registration Now Open for Fall 2022 EHSS Committee Meetings
Next Article Safety Awards
Print
35 Rate this article:
No rating

Documents to download

Please login or register to post comments.