Biden Orders Increased Intelligence Sharing Between Spy Agencies and Private Sector to Counter Threats from China and Russia

President Biden has issued a directive to U.S. intelligence agencies, urging them to enhance their collaboration with private firms responsible for critical American infrastructure. The aim is to fortify defenses against threats posed by foreign adversaries such as China and Russia, as well as criminal organizations and hackers.

This directive forms a key component of a national security memorandum on Critical Infrastructure Security and Resilience issued by President Biden. It updates guidance initially introduced in 2013 under the Obama administration, outlining new security protocols across 16 critical infrastructure sectors to shield against both natural disasters and deliberate threats.

Caitlin Durkovich, Deputy Homeland Security Advisor for Resilience and Response under the Biden administration, emphasized the policy's relevance in light of ongoing disruptive ransomware attacks and cyber intrusions targeting U.S. water systems. She highlighted the consistent warnings from senior administration officials regarding the relentless targeting of critical infrastructure by adversaries.

Building on insights gleaned from past events, including Russia's invasion of Ukraine, the Biden administration has instructed intelligence agencies to prioritize the declassification of relevant information for sharing with private sector entities or to disseminate classified information to cleared private companies. This proactive stance aims to bolster defenses against evolving security threats.

Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency, affirmed efforts within the intelligence community to declassify information pertinent to potential retaliatory actions by Russia, as witnessed prior to the Ukraine invasion in February 2022. Recognizing the severity of threats emanating from China, the administration has underscored the urgency of safeguarding critical infrastructure against Chinese cyber actors, as highlighted in the Volt Typhoon operation.

Easterly stressed the importance of comprehensive briefings with cleared sector personnel to ensure awareness of threats posed by both Russia and China to critical infrastructure.

Furthermore, the memorandum assigns the Department of Homeland Security (DHS) the lead role in coordinating efforts among various federal agencies. DHS is tasked with submitting a biennial "national risk management plan" to the president, summarizing efforts to mitigate risks to critical infrastructure.

Additionally, the memo mandates minimum security and resilience standards for critical infrastructure entities, transitioning from voluntary to mandatory requirements. This shift reflects the need for a more robust approach to safeguarding the nation's critical infrastructure against a wide array of threats and hazards.

The memorandum also reaffirms the delineation of the 16 critical infrastructure sectors and specifies which government agencies should engage with each sector. This coordinated approach underscores the administration's commitment to bolstering national resilience against diverse threats.