The Alliance for Critical Infrastructure’s biggest goal: changing how the nation plans for a major cybersecurity crisis.
The ACI is now creating working groups, defining pilot projects and reviewing membership applications. In addition to its formal members, the group will collaborate with government agencies, sector coordinating councils (SCCs), information sharing and analysis centers (ISACs) and cybersecurity think tanks.
While the ACI is still in its infancy, it’s already thinking about how to test the ideas its members come up with. That could include regional pilot programs — on topics such as incident response, information sharing and service restoration — involving the most important organizations in a specified area, from water treatment plants to health clinics to military bases.
Partnerships with sector-specific groups will be critical to the ACI’s success. The group has already been talking to ISACs and SCCs to reassure them that it understands their role. “We don’t want this to be duplicative of existing sector functions and apparati,” Flatgard said.
Errol Weiss, the Health-ISAC’s chief security officer, said it was essential for the ACI to integrate with information-sharing groups like his. ISACs “already provide operational threat intelligence and sector‑specific context,” he said. “Duplicating or bypassing that ecosystem would risk confusion for operators.”
Read the article in Cybersecurity Dive. Learn More
