The National Infrastructure Advisory Council (NIAC) set out to determine whether the right people are receiving the right intelligence information at the right time to support robust protection and resilience of the Nation’s critical infrastructure. More than 200 interviews and extensive open-source research uncovered a wealth of insights on this complex problem. First, there have been marked improvements in the sharing of intelligence information within the Federal Intelligence Community, and between the Federal Government and regions, States, and municipalities. However, this level of improvement has not been matched in the sharing of intelligence information between the Federal Government and private sector owners and operators of critical infrastructure. Despite some notable successes, this bidirectional sharing is still relatively immature, leaving a large gap between current practices and an optimal system of effective public-private intelligence information sharing. We observe that trust is the essential glue to make this public-private system work. Trust results when partner capabilities are understood and valued, processes are tailored to leverage these capabilities, and these processes are tested and proven valuable to all partners. When breakdowns in information sharing occur, it erodes trust and is counterproductive to risk management.
- Chinese Intelligence Agencies Are Doctoring the Country’s Vulnerability Database Digest Article
- Cybersecurity of DoD Critical Infrastructure CSIAC Webinar
- U.S. Government Contractors Score Poorly on Cyber Risk Tests Digest Article
- Framework for Improving Critical Infrastructure Cybersecurity Version 1.1 Reference Document
- Cyber Alert: EU Ministers Test Responses in First Computer War Game Digest Article