After the signing of the comprehensive cybersecurity executive order last week, it was time to present an infrastructure plan that would help push the strengthening of cybersecurity forward. This is an important first step that involves $22 billion in grants to help state and local governments upgrade their security in critical infrastructure, modernize their networks and systems, and generally increase their resilience against hackers.
States and local governments will be able to use these financial resources to directly fund standalone cybersecurity solutions or system upgrades. Eligibility will be dependent on a range of things, including policies around the detection and blocking of malicious activity on the operational networks. For entities to take advantage, they need to propose upgrade plans that are in line with modern security, technology, and energy standards.
However, it is important to note that this is merely an indication of the U.S. Government’s intentions right now, as plans like this one aren’t expected to have a fundamental impact any time soon. As Chris Morales, CISO at Netenrich, tells us:
If we consider ransomware attacks and the key role of the human factor, it becomes clear that replacing severely deprecated systems now will not stop persistent and sophisticated actors. However, it is an important first step and one that was long overdue.
The energy industry in the U.S., and other places in the world, have kept cybersecurity in the back seat for years, thinking about it as an unnecessary cost that gives nothing in return. This mentality is changing now, and the grants proposed by the Biden administration are playing a crucial role in fueling this shift in the industry’s mindset.
In addition to the above, the White House also announced an amount of $650 million to be given to CISA (Cyber Security and Information Security Agency) to help the agency upgrade its response capabilities and the security support services it offers to other critical federal entities in the country.