House lawmakers approved a new bill on Monday that’s aimed at securing technology used to power U.S. critical infrastructure from cyber-attacks.

The bill would codify work the Department of Homeland Security is currently doing to identify cyber threats to industrial control systems and ways to mitigate them.  Industrial control systems are used to run critical services across the United States, including the electric grid, water systems, and manufacturing plants.

An attack on the nation’s critical infrastructure could be potentially disastrous and could have extremely negative consequences on U.S. public health and safety, national security, and economic security.

Hackers tied to the Russian government were just recently blamed by the FBI and Homeland Security for instigating a cyber-attack against the U.S. energy sector and other critical infrastructure areas. Researchers found that the hackers were able to successfully breach the networks and access information on industrial control and supervisory control and data acquisition, also known as SCADA systems.

The increased fears associated with threats to the U.S. power grid sparked the bill, formally known as the “DHS Industrial Control Systems Capabilities Enhancement Act of 2018”. The bill would codify into law Homeland Security’s efforts to safeguard these systems by adjusting the Homeland Security Act of 2002 to instruct the department to maintain capabilities to help identify threats to industrial control systems and take the lead on coordinating across critical sectors to respond to cyber-attacks.

The bill would allow Homeland Security officials to provide cyber technical assistance to end users, manufacturers, and others to help find ways to mitigate vulnerabilities in industrial controls systems that could potentially be exploited by cybercriminals. It would also codify a current vulnerability disclosure program at the Department of Homeland Security whereby the department would disclose previously unknown flaws in these systems to the private sector.

Homeland Security officials would also be required to brief Congress on efforts to protect these systems twice a year for the first four years following its enactment.

NNT suggests implementing industry standards such as NERC CIP or the CIS Controls at a minimum to better secure industrial control systems from potential attacks. In addition, implementing Closed-Loop Intelligent Change Control to gain visibility into system configuration systems and spot unusual activity that could represent a cyber-attack before any serious damage is done.

NNT Products
USA Offices
New Net Technologies LLC
Naples
Suite #10115, 9128 Strada Place
Naples, Florida, 34108
Atlanta
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
email [email protected]
UK Office
New Net Technologies LLC
Rivers Lodge
West Common
Harpenden
Hertfordshire
AL5 2JD

Tel: 01582 287310
email [email protected]
Connect
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
CIS benchmarking SEWP Cybersecurity 500Sans Institute Now Certified
Copyright 2018, New Net Technologies LLC. All rights reserved. 
NNT and Change Tracker are registered trademarks of New Net Technologies LLC.
All other product, company names and trademarks are the property of their respective owners.