CISA Director Jen Easterly called on technology companies to focus on building products more securely and to stop shifting the burden for safety to customers.
A new bill would provide funding for security research at the university level into threats to the energy sector.
Attackers are focusing their attention on critical infrastructure operators, and building resilience into those networks is a key to defending them, experts say.
The Government Accountability Office criticized the National Nuclear Security Administration's mixed risk management practices around operational technology devices and its lax oversight of subcontractor cybersecurity practices.
A new report by the CSC 2.0 pointed to both progress and "unfinished business" in the government's implementation of its recommendations for bolstering its cybersecurity strategy.