At a glance.
- CISA urges critical infrastructure operators to prepare for Russian cyberattacks.
- European Commission proposes cybersecurity framework.
CISA urges critical infrastructure operators to prepare for Russian cyberattacks.
Yesterday the US Cybersecurity and Infrastructure Security Agency (CISA) conducted a call with critical infrastructure partners to discuss mitigation strategies in preparation for potential Russian cyber aggression. The White House has been bracing itself for possible cyberattacks since Russia invaded Ukraine last month, with US President Joe Biden releasing a statement earlier this week encouraging the private sector, which supports much of the nation’s critical infrastructure, to take proactive measures to bolster its cybersecurity. During yesterday’s call, CISA Director Jen Easterly, Deputy Executive Assistant Director for Cybersecurity Matt Hartman, and Deputy Assistant Director of the Federal Bureau of Investigation’s cyber division Tonya Ugoretz echoed President Biden’s position. They also encouraged call participants to visit CISA’s “Shields Up” website, a new platform dedicated to sharing intel about malicious Russian cyberactivity. As the Federal News Network notes, the site also directs organizations to use CISA’s new hotline, firstname.lastname@example.org, to report any incidents to CISA’s United States Computer Emergency Readiness Team, which is tasked with coordinating incident response operations.
European Commission proposes cybersecurity framework.
Across the Atlantic, the EU is also focused on taking proactive measures to defend against potential cyberthreats, Reuters reports. On Tuesday, the European Commission proposed the creation of a framework for managing cybersecurity risks at EU institutions. Part of a package of draft rules focused on cyber defense called the Cybersecurity Regulation, the proposal would require EU bodies and agencies to identify cybersecurity risks, establish a plan to strengthen their cybersecurity, conduct regular assessments, and disclose details about incidents. Officials also proposed an information security regulation that would establish minimum cybersecurity standards for all EU institutions. Budget Commissioner Johannes Hahn explained, "In a connected environment, a single cybersecurity incident can affect an entire organisation. This is why it is critical to build a strong shield against cyber threats and incidents that could disturb our capacity to act.”