Anne Neuberger of the White House presents a new phase of cyber-regulation


Anne Neuberger speaks at a press conference in February 2022. Photo: Oliver Contreras/Sipa/Bloomberg via Getty Images

Critical infrastructure sectors is expected to begin preparing for the next phase of the Biden administration’s cyberregulation plan after a pair of announcements from a top White House adviser on Thursday.

Driving the news: Anne Neuberger, deputy national security adviser for cybersecurity and emerging technologies, provided an update in two public talks Thursday — including one with Axios — on the White House’s work to put in place new cyber regulatory structures for critical infrastructure sectors.

  • neberger said at a Washington Post event in the morning that the communications, water and healthcare sectors are next on the administration’s list for new cyber rules.
  • Neuberger also told an audience at an Axios event in Washington last night that the Cybersecurity and Infrastructure Security Agency (CISA) plans to release its long-awaited, but voluntary, cybersecurity performance goals before the end of the month.

Details: Neuberger said the EPA, FCC, and Department of Health and Human Services (HHS) will each issue their own cybersecurity guidelines and rules.

The big picture: Each announcement represents the strong will of the Biden administration to extend cybersecurity regulations to the private sector.

  • So far, the White House has taken a piecemeal approach, taking one critical infrastructure sector at a time, such as pipelines, railroads and aviation.
  • With respect to CISA, industry groups have expressed concern that the new performance targets will be a precursor to mandatory requirements.

Meanwhile, Neuberger’s office also announced earlier this week that it plans to host a meeting on Wednesday with industry groups to discuss a new initiative to create a cybersecurity label for Internet of Things devices.

What they say : “Many of our peer governments, whether it’s the European Union, the Koreans or others, have put in place minimum cybersecurity standards for critical infrastructure over the years,” Neuberger said during the talk. the Axios event.

  • “We now recognize that we really need to do this in the United States”

Sign up for the Axios Cybersecurity Codebook newsletter here.


About Author

Comments are closed.