At a glance.
- US cyber director stresses importance of protecting solar industry.
- US lawmakers introduce energy cybersecurity bill.
- Japan and New Zealand in talks to share intelligence.
- Industry comment on ICS-security companies in the JCDC.
US cyber director stresses importance of protecting solar industry.
At the US’s first Secure Renewables conference, held in Texas on Wednesday, assistant national cyber director Harry Krejsa highlighted the importance of private and public sector collaboration in defending the solar power industry against cyberthreats. "This clean energy transition is nothing less than a vital issue of national security," Krejsa stated. GovTech explains that the White House has plans to increase solar power’s share of the nation’s energy from 4% to 30% by 2030, but last month President Joe Biden said intelligence officials had found evidence that "the Russian government is exploring options for potential cyberattacks" against critical infrastructure, including energy.
US lawmakers introduce energy cybersecurity bill.
Underscoring the US government’s focus on energy, the Hill reports that on Thursday House Representatives Mike Carey and Deborah Ross introduced the Energy Cybersecurity University Leadership Program Act. The bipartisan bill would establish a Department of Energy (DOE) grant program to support graduate students and postdocs researching the intersection of cybersecurity and energy infrastructure. The Record by Recorded Future adds that the measure would give researchers the opportunity to study at the DOE’s national labs, as well as increase OUTREACH to historically Black universities and other institutions serving minorities. “Establishing the [program] will strengthen our resilience by further developing a high-skilled workforce with energy-specific cybersecurity expertise,” Carey explained. The bill would also require the secretary of Energy to submit a report to Congress with updates on the development and implementation of the program within one year. “To confront growing cyber threats against our country’s critical energy infrastructure, we must make real investments in a strong and diverse workforce ready to meet any challenge,” added Ross, who along with Carey serves on the House Science Committee.
Could the Five Eyes gain a sixth?
Effectively a Sixth Eye, in the APAC region, anyway. New Zealand Prime Minister Jacinda Ardern is in talks with Japanese Prime Minister Fumio Kishida to establish an agreement for sharing classified intel between their countries, and such an arrangement would put Japan one step closer to joining the Five Eyes intelligence partnership. The talks come just two days after China struck a deal allowing Beijing to deploy troops to the Solomon Islands, a move that has Western-aligned powers in the Indo-Pacific region on edge. Anna Powles, a senior lecturer in security studies at Massey University in New Zealand, told the New York Times, “The announcement speaks to both countries’ concerns about China, which have been amplified over the past few weeks with the signing of the security agreement.” In 2020 former Japanese defense minister Taro Kono proposed Japan join a “Six Eyes” partnership, and in 2021 Japan’s ambassador to Australia Shingo Yamagami voiced his support of the idea, but historically members of the Five Eyes have expressed concerns about the security of Japan’s intelligence community. However, in recent years Japan has revamped its security prowess and has already negotiated intelligence-sharing agreements with the US, UK, and Australia. And to be fair, New Zealand’s own reliability as an intelligence partner has recently been questioned, as New Zealand has been slow to criticize China’s human rights abuses and increased influence in the region. The agreement with Japan is a sign that China’s recent actions are pushing New Zealand to take a more assertive stance in its foreign policy.
Industry comment on the US Joint Cyber Defense Collaborative.
The US Cybersecurity and Infrastructure Security Agency (CISA) announced earlier this week that it would include companies with particular expertise in industrial control system (ICS) security in the Joint Cyber Defense Collaborative (JCDC). Tim Hoffman, Technical Control Officer at Axonius Federal Systems, wrote to express his approval of the move:
"The inclusion of ICS-focused companies in the Joint Cyber Defense Collaborative (JCDC) is a promising step in the right direction. Industrial control systems are mission critical in many cases, but the deployment of these systems can pose numerous security challenges, primarily because of these systems’ unique constraints. ICS and OT assets operate in different environments than your typical IT assets, and don’t benefit from some of the lower-friction techniques employed as a part of good IT cyber hygiene. There is still a lot of work that needs to be done to get ICS security to a better place, especially with many legacy ICS devices already deployed across the nation. In addition to partnering with experts in the field, security teams looking to secure OT assets also need to gain better visibility into what assets exist on their OT networks to identify where security initiatives can have the largest impact."