Report: Securing critical infrastructure not receiving support it should

National Infrastructure Advisory Council says public-private intelligence information sharing still 'immature'
 - 
Tuesday, March 6, 2012

YARMOUTH, Maine—The federal government’s intelligence community needs to do a better job of sharing intelligence information with the country’s critical infrastructure sector, according to a recent report from the National Infrastructure Advisory Council.

The council’s 227-page report “Intelligence Information Sharing” is a follow-up to a similar study it conducted in 2006. While information sharing between the federal government and private critical infrastructure sector has improved since the 2006 report, it still “is not sufficient to maximize the protection and resilience of the nation’s infrastructure,” the current study states. The council, which provides the president with advice on the security of 18 critical infrastructure sectors, calls information sharing “perhaps the most important factor in the protection and resilience of critical infrastructure.”

In the current report, the council, was tasked with three things: To review the overall progress and status of bi-directional intelligence information sharing; to examine ways to improve the private sector role in counterintelligence; and to assess the role of fusion centers as a mechanism for sharing intelligence information with the private sector.

In the report, the council considered bi-directional information sharing as a complex “ecosystem” of multiple public and private sector partners, including 18 critical infrastructure sectors, 17 members of the federal intelligence community, eight sector-specific agencies, 72 state and regional fusion centers, and other participants.

The council found that the federal intelligence community does not prioritize sharing of intelligence information with the private sector and does not understand the “unique knowledge and analysis capabilities offered by the private sector ... and where they are understood, the processes to leverage these capabilities are not in place.”

The current complexity of how private sector organizations share intelligence with the federal government is also cited as an impediment to information sharing. “Today, the multiplicity of federal players, their diverse missions and roles, and myriad ‘rules-of-the-road’ for how and where intelligence can be shared, stymie owners and operators of critical infrastructure in their ability to contribute to and use intelligence information,” the report states. “As a result, engagement through trusted personal relationships remains a primary means of facilitating the flow of needed intelligence information.”

The report makes several recommendations. Among them are for the Department of Homeland Security to support the development of an infrastructure protection and resilience capability at the 72 state and regional fusion centers “that could stand alone or be integrated within fusion centers to facilitate the flow of intelligence information to and from the private sector, while ensuring information protection and addressing privacy concerns;” that the Office of the Director of National Intelligence “assist DHS in developing, modifying, or assessing programs and processes for private sector information sharing;” and for the DHS to “establish core teams of 3-4 intelligence specialists specifically for each sector, and one team focused on cross-sector information issues.”

It also suggests that DHS streamline the process for providing private sector security clearances “and develop opportunities for departing government personnel to keep or easily renew clearances when moving to key security positions in critical infrastructure companies.”