US Government Needs to Focus on Critical Infrastructure
Amid the ongoing Russian invasion of Ukraine, heightened tensions between China and Taiwan, and an increasing number of attempts to attack critical infrastructure like power plants and water-processing facilities, the US federal government has a lot to monitor in cyberspace. MITRE, the nonprofit tech and engineering consultancy, has outlined a set of priorities for the next presidential administration to focus on, regardless of who wins the 2024 election.
According to Dark Reading, MITRE’s “Don’t Trust but Verify: Strengthening U.S. Leadership To Safeguard Our Cyber Defenses” memo identifies areas for prioritization, including preparing for advances in quantum computing, protecting critical infrastructure, clarifying leadership roles, and implementing a zero-trust framework within the federal government.
Priority 1: Protect critical infrastructure. MITRE calls for the US Department of Homeland Security (DHS) to update recovery plans for the sector within six months and large-scale critical infrastructure attacks to its National Preparedness System. DHS should also start running simulations akin to natural disaster drills that can hammer out reactions, such as a company rehearsing its incidence response plan. In addition, legacy systems should be upgraded so they can handle zero-trust principles, such as microsegmentation, and to enforce the use of software bills of material (SBOMs), even expanding them to list out “cryptographic details.” And within 90 days, the federal government should identify ways to support local and state governments with their own security practices.