White House Issues New National Security Memorandum on Critical Infrastructure

Joshua Duvall, Amy Rodenberger
Maynard Nexsen
Contact
LinkedIn
Facebook
X
Send
Embed

Maynard Nexsen

On April 30, 2024, the White House announced that President Biden signed a new critical infrastructure memorandum, titled National Security Memorandum on Critical Infrastructure Security and Resilience ("NSM-22"). This new memorandum will replace an Obama-era policy directive, Presidential Policy Directive -- Critical Infrastructure Security and Resilience ("PPD-21), which designated the 16 critical infrastructure sectors that are the focal point of the Cyber Incident Reporting for Critical Infrastructure Act of 2022 ("CIRCIA").

Notably, NSM-22 comes on the heels of the Cybersecurity & Infrastructure Security Agency's ("CISA") proposed rule implementing CIRCIA, which also was published in April, discussed here. Together, CIRCIA, NSM-22, and CISA's proposed rule signal the government's heightened focus on cybersecurity and protecting critical infrastructure sectors in the U.S., including, for example, by "[r]equiring and enforcing minimum resilience and security requirements and recommendations that direct building resilience into critical infrastructure assets and systems upfront[.]"

Like its predecessor PPD-21, the White House’s announcement shows that NSM-22 will help to ensure strong and resilient U.S. critical infrastructure by, among other things:

  • Empowering the Department of Homeland Security to lead the whole-of-government effort to secure U.S. critical infrastructure, with CISA acting as the National Coordinator for Security and Resilience. 
  • Directing the U.S. Intelligence Community, consistent with the goals outlined in the 2023 National Intelligence Strategy, to collect, produce and share intelligence and information with Federal departments and agencies, State and local partners, and the owners and operators of critical infrastructure.
  • Reaffirming the designation of 16 critical infrastructure sectors and a federal department or agency as the Sector Risk Management Agency (SRMA) for each sector.
  • Elevating the importance of minimum security and resilience requirements within and across critical infrastructure sectors, consistent with the National Cyber Strategy, which recognizes the limits of a voluntary approach to risk management in the current threat environment.

Ultimately, as the White House noted, our "Nation faces an era of strategic competition in which nation-state actors will continue to target American critical infrastructure – and tolerate or enable malicious activity conducted by non-state actors." Given the ever-increasing threat to our 16 critical infrastructure sectors and beyond, and the wide-spread and lasting damage that could ensue in the wake of an attack by nation-state actors or their proxies, a foundational theme that surfaces throughout the memo is resilience, which is the "cornerstone of homeland defense and security."

Written by:

Maynard Nexsen
Maynard Nexsen
Contact
more
less

PUBLISH YOUR CONTENT ON JD SUPRA NOW

  • Increased visibility
  • Actionable analytics
  • Ongoing guidance

Maynard Nexsen on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide