The Government Accountability Office finds that out-of-date federal training guidelines place thousands of chemical facilities at risk of cyber attacks, according to an article from MSSP Alert. The Department of Homeland Security’s (DHS) Chemical Facilities Anti-Terrorism Standards (CFATS), a program that guides some 3,300 chemical installations to meet cybersecurity standards, reportedly has not been updated in more than 10 years. In addition, according to the GAO review, the program lacks a routine review process.
According to the article, the cyber wing of the DHS -- the Cybersecurity and Infrastructure Security Agency (CISA) – has issued repeated warnings regarding attacks on the country’s critical infrastructure including one issued three months ago following a ransomware attack on a natural gas compression facility. The GAO issued a series of recommendations to improve DHS oversight of chemical facilities. MSSP Alert notes that the House Homeland Security Committee approved a bill last year to renew the CFATS program before it expires in July, but the legislation has yet to receive a floor vote.
Read the entire article here.