The Cybersecurity and Infrastructure Security Agency (CISA) has solicited feedback on the list for months, and granted an extension through last week for trade associations and others to deliver their commentary. While the goals are voluntary, some industry officials are uncomfortable about whether the “performance goals” are a prelude to regulation, among other concerns.
A couple examples of the goals on the 22-page list:
- “Owners/operators should define which utilities are essential to maintain operations (such as water, power, and HVAC), and deploy and regularly test failover…
