InfrastructureIntelligenceNational DefenseNational SecurityOSINTTerrorism

CISA Challenged to Clarify Infrastructure Security and Partnerships

The Cybersecurity and Infrastructure Security Agency (CISA) has been asked to provide clarity on its partnerships in the critical infrastructure sectors.

The Chairman of the House Homeland Security Cybersecurity and Infrastructure Protection Subcommittee wants to know whether or not CISA is looking to incorporate existing partnerships into its Joint Cyber Defense Collaborative (JCDC).

In an Aug. 28 letter sent to the CISA Director, it was pointed out that CISA’s relationship with the Analysis & Resilience Center (ARC) for Systemic Risk and the Department of Energy’s Energy Threat Analysis Center (ETAC) previously relied on a cross-sector partnership with these organizations, but it is now unknown how CISA will approach these partnerships going forward as it drives towards a sector-specific approach.

It is noted that at the end of 2022, the electricity members left the ARC to engage with the ETAC. Additionally, financial services sector stakeholders recently received written notice of “CISA’s intent to alter the ARC’s facility clearance, although now CISA appears to have reconsidered and granted the facility clearance.”

Due to a lack of clarity surrounding these partnerships, CISA has been asked to provide a briefing to discuss how it is engaging with the ETAC, as well as if it has any plans to absorb the ARC and the ETAC as a “spoke” of CISA’s JCDC.

He also wants to know how CISA plans to resource any expansion of the JCDC’s “spokes” with the current fiscal year (FY) 2024 budget request.

Finally, the request asked for information on how CISA supports cross-sector systemic risk and resilience efforts “now that the agency is driving towards a sector-specific approach.”

CISA was asked to schedule the briefing no later than Sept. 28, 2023.

From The Shadows Emerges Knowledge