US Rolls Out Voluntary Cybersecurity Goals


The United States is trying to make it easier for companies and organizations to bolster their cybersecurity in the face of growing attacks aimed at crippling their operations, stealing their data or demanding ransom payments.

Officials with the Department of Homeland Security and the Cybersecurity and Infrastructure Security Agency (CISA) rolled out their new Cybersecurity Performance Goals on Thursday, describing them as a critical but voluntary resource that will help companies and organizations make better decisions.

“Really what these cybersecurity performance goals present is a menu of options to advance one’s cybersecurity,” Homeland Security Secretary Alejandro Mayorkas told reporters, describing the rollout as a “watershed moment” for cybersecurity.

FILE - Homeland Security Secretary Alejandro Mayorkas speaks during a news conference at the State Department, Oct. 13, 2022.

FILE – Homeland Security Secretary Alejandro Mayorkas speaks during a news conference at the State Department, Oct. 13, 2022.

“They are accessible, they are easy to understand, and they are identified according to the cost that each would entail, the complexity to implement the goal, as well as the magnitude of the impact that the goal’s implementation would have,” he added.

For months, U.S. officials have been warning of an ever more complex and dangerous threat environment in cyberspace, pushing the government’s “Shields Up” awareness campaign, driven in part by Russia’s invasion of Ukraine earlier this year.

They have also called attention to cyberattacks by Iran and North Korea, while warning that both nation states and non-state actors have increasingly been scanning and targeting U.S. critical infrastructure, from water and electric companies to airports, which were struck by a series of denial-of-service attacks earlier in October.

Private cybersecurity companies have likewise warned of a growing number of attacks against health care companies and education and research organizations.

While some bigger U.S. companies and organizations have been able to devote time, money and other resources to confront the growing dangers, U.S. officials are concerned that others have not.

In particular, CISA has worried about small to mid-sized businesses, along with hospitals and school systems, often described by officials as target rich but resource poor because they do not have the money or resources to defend systems and data from hackers.

Officials said the new guidelines, which focus on key areas like account security, training, incident reporting, and response and recovery, and come with checklists, are designed to ease the burden. The officials also said they anticipate the goals will change and evolve along with the threat.

FILE - Jen Easterly, director of Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, speaks in Des Moines, Iowa, Aug. 14, 2021.

FILE – Jen Easterly, director of Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, speaks in Des Moines, Iowa, Aug. 14, 2021.

The newly unveiled goals “were developed to really represent a minimum baseline of cyber security measures that if implemented, will reduce not only risk to critical infrastructure but also to national security, economic security and public health and safety,” said CISA Director Jen Easterly, calling them a “quick start guide.”

“[It’s] really a place to start to drive prioritized investment toward the most critical practices,” she said.

According to CISA, many of the new goals are already resonating, including with state and local officials running U.S. elections.

“We’ve been working with them to implement several of these best practices, as well as ensuring that they have the tools and resources and the capabilities to ensure the security and resilience of election infrastructure,” Easterly told reporters Thursday. “I’ve met with election officials even just over the past few days … and they all expressed confidence in particular in the cybersecurity across all of their systems.”

CISA also said Thursday that U.S. states and territories needing more help can take advantage of $1 billion in grants that are being made available over the next four years.

The grants, designed specifically to help protect U.S. critical infrastructure, were first announced last month.



Source link

Leave a Reply

Your email address will not be published.

How Miles Teller Totally Broke Royal Protocol Meeting Prince William and Kate Middleton Mila Kunis Reveals Why She and Ashton Kutcher Don’t Close Bathroom Doors at Home With Kids Khloe Kardashian and Tristan Thompson Were Engaged for 9 Months Before Paternity Lawsuit Selena Gomez Speaks Out About Kindness After Hailey Bieber’s Tell All Interview Shane Warne’s child, Jackson, shares recordings of ‘harmful ladies despising’ powerhouse Andrew Tate: ‘I really do concur with a couple of the things he says’ Kate and William to greet Americans ‘sleeping on the streets’ amid US visit ‘He said “take your bra off”… I was 15’: Supermodel Kate Moss reveals in unflinching detail how she fled a photoshoot in tears after being targeted by fashion industry predator as a teenager How to get early access to the MultiVersus open beta – usnewspress Gunman kills 3 people in Indiana mall shooting, police say Top 10 sizzling sex secrets to Spice Up Your Sex Life Stellantis Announces Termination of Jeep Venture With China’s GAC Memphis police thwart potential mass shooting at arena: Officials 4 dead after argument between 2 groups leads to shooting at north Harris County apartment complex, sheriff says US soprano, offended by blackface, pulls out of Italy opera 10 Top Romantic Getaways in New Jersey Ricky Martin’s Attorney Says Allegations of a Sexual Relationship with His Nephew Are ‘Untrue’ 8 Best Semiconductor Stocks To Buy Amid a Global Chip Shortage : USA Le’Veon Bell Reflects on Lost Season With Steelers in Retirement Post Updates on Tiger Woods from Round 1 of The Open PETE ALONSOI’M DEALING W/ ‘PRETTY BAD PTSD’… Over March Car Crash