While the Biden administration has tweaked an Obama-era critical infrastructure defense policy to reflect the evolving cybersecurity threat landscape, such an update's failure to expand the scope of critical infrastructure to include cloud computing or space systems has been regarded by experts to be a significant limitation, CyberScoop reports.
"This review is 11 years after the first PPD-21 — to argue and to think that there's been no changes across those sectors in 11 years… that's disappointing," said Foundation for Defending Democracy's Center on Cyber and Technology Innovation Director Annie Fixler.
While Fixler and former Cybersecurity and Infrastructure Security Agency National Risk Management Center Director Bob Kolasky praised the official designation of CISA as the national coordinator of cybersecurity under the directive, the agency was noted by Fixler to still be limited in its operations by Congress. Moreover, implementation of the directive could also prove to be challenging amid the upcoming polls, she added.
