Skip to main content
close search
site logo
Dive Brief

White House to raise cyber standards for healthcare, water and emergency communications

The Cybersecurity and Infrastructure Security Agency will also roll out minimum security standards by late October that can apply to organizations across sectors.

Published Oct. 14, 2022
Naomi Eide's headshot
Managing Editor
Woman speaks at a White House podium in the distance, seen through a blurred out crowd.
U.S. Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger speaks during a White House daily press briefing at the White House on March 21, 2022 in Washington, DC Alex Wong via Getty Images
This audio is auto-generated. Please let us know if you have feedback.

Dive Brief:

  • The White House has picked healthcare, water and emergency communications as its next critical infrastructure focus areas, with the aim of raising minimum security standards, Anne Neuberger, the White House deputy national security advisor for cyber and emerging technology, said Thursday at an Axios event. 
  • Many peer governments have minimum cybersecurity standards in place for critical infrastructure, said Neuberger. "We're now recognizing we very much need to do that in the U.S.," building on what the administration has seen happen in recent ransomware attacks, including those against a U.S. hospital chain.
  • At the end of October, the Cybersecurity and Infrastructure Security Agency will also roll out minimum security standards that can apply to organizations across sectors.

Dive Insight:

Water, emergency communications and healthcare are soft spots in U.S. critical infrastructure resiliency, areas that if compromised could directly affect people's safety. 

The attention on healthcare comes after a tumultuous period for the sector. One of the nation's largest health systems, CommonSpirit Health, is still reeling from a ransomware attack that is disrupting services. 

The U.S. counts 16 sectors as critical infrastructure, but some already have a high standard of security in place. Financial services, for example, has existing policies dictating security compliance.

The White House's goal is for Americans to have confidence in all critical services and is honing in on those sectors that don't already have standards in place, according to Neuberger. 

The White House is now aiming to fill the gaps, much as it did with its focus on oil and gas after the Colonial Pipeline ransomware attack last year. The Transportation Security Administration rolled out security guidelines for oil and gas, and will introduce additional guidelines for aviation and rail, Neuberger said. 

Rolling out security guidelines is not without its hiccups. After key stakeholders pushed back, The White House brought in executives across the sector to share top secret, classified context around threats targeting the sector, Neuberger said. 

The TSA revised the security directives with the executive input and used a similar model of public-private sector collaboration to develop aviation and rail guidance.

Filed Under: Policy & Regulation

Editors' picks

Company Announcements

View all | Post a press release
Clay Platte Family Medicine Data Breach Investigation
From Migliaccio and Rathod LLP
October 21, 2024
DigiCert Welcomes Lakshmi Hanspal as New Chief Trust Officer
From DigiCert
October 24, 2024
CUSO Financial Services, LP Data Breach Investigation
From Migliaccio & Rathod LLP
October 31, 2024
Tech Ambitions Collide with Reality: 2025 Technology Impact Report Exposes Critical Readiness…
From Omnia Strategy Group, LLC
October 21, 2024
Editors' picks
Latest in Policy & Regulation
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell