Critical infrastructure companies should expect substantial new federal cybersecurity requirements based on the National Cybersecurity Strategy that President Biden announced on March 2, 2023. The Strategy includes enhanced requirements for critical infrastructure. Specifically, President Biden pivoted federal cybersecurity policy from encouraging voluntary adoption of proactive security measures to using regulation and other measures to mandate adoption in private industry. In addition to those mandates, the Strategy signals an intent to shift security responsibility from consumers and end users to technology firms and software providers. After the Administration announced the Strategy, the EPA released a memorandum addressing cybersecurity in public water systems and TSA released an aviation cybersecurity amendment.
Companies will need to comply with these mandates immediately and stay up to date on additional requirements to come.

Click here to read the full Update.