Dave Nyczepir
The cybersecurity executive order issued by the Biden administration last wekk doesn’t require the relevant agencies to increase their visibility into critical infrastructure, a lingering weakness for the federal government, security experts told FedScoop.
When the May 7 ransomware attack on Colonial Pipeline Co. occurred, the Cybersecurity and Infrastructure Security Agency lacked any knowledge of the incident until it was notified by the FBI. While the new executive order gives the Office of Management and Budget 60 days to increase contractual threat and incident information-sharing requirements for service providers of operational technology (OT), both private sector companies and lawmakers expressed concerns following the attack that Department of Homeland Security agencies like CISA and the Transportation Security Administration aren’t doing enough to continuously monitor the cybersecurity of OT for pipelines and other critical infrastructure like the U.S. electric grid.
“Departments and agencies who have the responsibility for…
