STRATEGIC IMPLEMENTATION PLAN
FOR THE NATIONAL STRATEGY FOR INFORMATION SHARING AND SAFEGUARDING
December 2013
Priority Objective 9: Private Sector
Establish information sharing processes and sector-specific protocols with private sector partners to improve information quality and timeliness and secure the nation’s infrastructure.
Steward
Department of Homeland Security and the Federal Bureau of Investigation, partnering with the Cyber IPC, Transborder Security, Resilience and Cybersecurity Directorates, National Security Staff (NSS) directed by PPD 21 and EO 13636.
Problem Statement
ISE agencies and critical infrastructure owners and operators must put in place standard processes and procedures that guarantee the mutual and responsible sharing of all information[1] necessary for identifying and mitigating risks to the Nation's critical infrastructure, including cybersecurity threats.
Desired Outcome
A nation in which physical and cyber critical infrastructure remains secure and resilient, with vulnerabilities reduced, consequences minimized, threats identified and disrupted, and response to and recovery from attacks hastened.
Approach
Work supporting this Priority Objective will be anchored to and leveraged by ongoing efforts associated with the 2013 National Infrastructure Protection Plan (National Plan), directed by Presidential Policy Directive 21: Critical Infrastructure Security and Resilience and Executive Order 13636: Improving Critical Infrastructure Cybersecurity, and will incorporate the complementary body of work developed by the joint critical infrastructure public-private information sharing initiative concluded in October 2013 by DHS, Office of the Director of National Intelligence (ODNI) and PM-ISE, and the FBI’s private sector outreach programs, including the Domestic Security Alliance Council, InfraGard, and other Headquarters and field-based programs.
| MILESTONES | Q1-Q2 FY14 | Q3-Q4 FY14 | FY15 | FY16-18 |
|---|---|---|---|---|
| With the National Fusion Center Association, establish and develop objectives for a working group on private sector engagement. | PM ISE | |||
| Develop standard procedures for making relevant fusion center products accessible to critical infrastructure owners and operators via HSIN-CS and socialize best practices with ISE agencies. | DHS, FBI | |||
| Develop decision options and doctrine that establishes the private sector as a partner and recipient of threat information. | ODNI | |||
| Identify and develop plans that incorporate a unified approach for tools that provide near real-time situational awareness of critical infrastructure vulnerabilities and interdependencies across the IC. | ODNI, DHS, FBI | |||
| Identify and document public-private partnership best practices for sector-specific agencies. | ODNI, DHS, FBI | |||
| Identify FBI products that could be useful to critical infrastructure owners and operators; develop and implement a dissemination plan. | FBI | |||
| Identify and address gaps in training and analytic products related to emerging threats (e.g., insider threat, supply chain, and counterintelligence). | ODNI, DHS, FBI | |||
| Prepare a response to the State, Local, Tribal and Territorial Government Coordinating Council (SLTTGCC) Tribal Working Group White paper on Critical Infrastructure Key Resources (CIKR) in Indian Country with accountable actions to address the findings. | DHS, FBI, DOI, DOJ | |||
| Complete actions as directed by the 2013 National Infrastructure Protection Plan, PPD-21 and EO 13636. | Ongoing, All Agencies as directed |
Go to the next section: Priority Objective 10: Reference Architecture
[1] Processes and procedures put in place related to Controlled Unclassified Information (CUI) will be developed with the concurrence of the CUI Executive Agent and consistent with the CUI Program established under Executive Order 13556.