Oct 14, 2022 - Technology

White House readies new cyber regulation rollouts

Photo of Anne Neuberger during a White House press briefing

Anne Neuberger speaks during a news conference in February 2022. Photo: Oliver Contreras/Sipa/Bloomberg via Getty Images

Critical infrastructure sectors should start preparing for the next phase in the Biden administration's cyber regulatory plan after a pair of announcements from a top White House adviser on Thursday.

Driving the news: Anne Neuberger, deputy national security adviser for cybersecurity and emerging technology, shared updates during two public interviews Thursday — including one with Axios — on the White House's work to stand up new cyber regulatory structures for critical infrastructure sectors.

  • Neuberger said during a Washington Post event in the morning that the communications, water and health care sectors are next on the administration's list for new cyber rules.
  • Neuberger also told an audience at an Axios event in Washington last night that the Cybersecurity and Infrastructure Security Agency (CISA) is planning to release its highly anticipated, but voluntary, cybersecurity performance goals before the end of the month.

Details: Neuberger said the EPA, the FCC and the Department of Health and Human Services (HHS) will each release their own cyber guidelines and rules.

The big picture: Each announcement represents the Biden administration's strong desire to expand cybersecurity regulations into the private sector.

  • So far, the White House has had a piecemeal approach, taking one critical infrastructure sector at a time, such as pipelines, railroads and aviation.

Meanwhile, Neuberger's office also announced plans earlier this week to host a meeting on Wednesday with industry groups to discuss a new initiative to create a cybersecurity label for Internet of Things devices.

What they're saying: "Many of our peer governments, whether the European Union or Koreans or others, have over the years put in place minimum cybersecurity standards for critical infrastructure," Neuberger said during the Axios event.

  • "We're now recognizing we very much need to do that in the U.S."

Sign up for Axios’ cybersecurity newsletter Codebook here.

Go deeper