In the News – This Week in Critical Infrastructure: Week of March 5, 2018
Posted: March 9, 2018 at 10:38 am
This Week in Critical Infrastructure we look at reports from Congress on plans to move forward with current GOP infrastructure proposals, as well as the introduction of a competing Democrat infrastructure plan. We also take a look at assessments of infrastructure cybersecurity based on recent Senate testimony from security firm Dragos and a new GAO report on the efficacy of the NIST Framework.
In this article from J.M. Porup at CSO Online, testimony from experts at Dragos, a cybersecurity firm, before a U.S. Senate committee last week highlights the differences between Information Technology (IT) and Operational Technology (OP), especially regarding security. According to Robert M. Lee of Dragos, typical guidance for IT, which focuses on patching systems in response to threats, is ineffective or potentially harmful to many industrial control systems (ICS) and other OT assets.
From Lindsey McPherson and Jacob Fischer at Roll Call, House Speaker Paul Ryan provided details this week on the process Congress intends to take in addressing infrastructure plans discussed by Republicans in Congress and the White House over the past year. Ryan stated that the House will approached the plan in pieces, passing the legislation in five or six separate bills instead of tackling the plan in one large piece of legislation.
Daniella Diaz from CNN reports on the release of a new infrastructure plan by Senate Democrats as a response and alternative to plans put forward by the Trump Administration. Unlike President Trump’s plan, which relies heavily on private investment, the Democrat plan faces slim chances of passage due to its reliance on reinstatement of various various taxes affected by the recent tax overhaul passed by Congress in 2017.
MeriTalk writes on a new report from the U.S. Government Accountability Office that examines the NIST “Framework for Improving Critical Infrastructure Cybersecurity.” Given the voluntary nature of the NIST framework, GAO found that sector-specific agencies with oversight authority for critical infrastructure have no way of accurately assessing implementation of the framework by private owners and operators.
Write to the Editors at firstname.lastname@example.org