Appendix C

Resources and Tools to Support Information Sharing

The Department of Homeland Security (DHS) has established several operations and tools to support information sharing within and among the critical infrastructure sectors.¹ These include

• Homeland Security Information Network - Critical Infrastructure (HSIN-CI).² The Homeland Security Information Network is the trusted network for homeland security mission operations to share sensitive but unclassified information. The critical infrastructure community on the network, HSIN-CI, is the primary system through which private sector owners and operators; DHS; and other federal, state, and local government agencies collaborate to protect the nation’s critical infrastructure. HSIN-CI provides real-time collaboration tools including a virtual meeting space, document sharing, alerts, and instant messaging at no charge.
• Infrastructure Protection Gateway (IP Gateway).³ The IP Gateway serves as the single interface through which DHS partners can access a large range of integrated infrastructure protection tools and information to conduct comprehensive vulnerability assessments and risk analysis.
• National Infrastructure Coordinating Center (NICC).⁴ The NICC is the 24/7 information coordination and sharing operations center that maintains situational and operational awareness, communication, and coordination among the critical infrastructure public and private stakeholders.

___________________

¹ See https://www.dhs.gov/emergency-services-sector-information-sharing-initiative.

² See https://www.dhs.gov/hsin-critical-infrastructure.

³ See https://www.dhs.gov/cisa/ip-gateway.

⁴ See https://www.dhs.gov/cisa/national-infrastructure-coordinating-center.

• National Risk Management Center (NRMC).⁵ NRMC evaluates the potential consequences of disruptions across the cyber-physical domain through an integrated analytical approach that implements deliverables required by Presidential Policy Directive 21 and Executive Order 13636.
• Protected Critical Infrastructure Information (PCII) Program.⁶ The PCII Program works with government organizations and the private sector to protect critical infrastructure information needed for effective incident management, as well as steady-state operations and preparedness.
• Protective Security Advisors (PSAs).⁷ PSAs are security subject matter experts strategically deployed across the United States to protect the nation’s critical infrastructure by providing state, local, tribal, territorial, and private sector partners access to DHS risk-mitigation tools, products, and services and by supporting officials responsible for planning and leading responses to major events. In addition, PSAs support response and recovery efforts to hazardous incidents through field-level coordination and information sharing.
• TRIPwire (Technical Resource for Incident Prevention).⁸ TRIPwire is a 24/7, online, collaborative information-sharing and resource portal for bomb technicians, first responders, military personnel, government officials, intelligence analysts, private sector security professionals, and critical infrastructure owners and operators. TRIPwire is designed to increase awareness of evolving improvised explosive device (IED) tactics, techniques, and procedures, as well as share information about incident lessons learned and other counter-IED information.

DHS partners with other organizations and platforms to provide additional information-sharing support to its security partners. These include:

• Sector-specific agencies (SSAs).⁹ SSAs maintain ongoing relationships with each critical infrastructure sector and often provide information essential to identify vulnerabilities and all-hazard risks and develop protective programs.
• Information Sharing Environment.¹⁰ The federal Information Sharing Environment, managed by the Office of the Director of National Intelligence, facilitates information-sharing policies, procedures, and technologies.

___________________

⁵ See https://www.cisa.gov/national-risk-management.

⁶ See https://www.dhs.gov/cisa/pcii-program.

⁷ See https://www.dhs.gov/cisa/protective-security-advisors.

⁸ See https://www.dhs.gov/tripwire.

⁹ See https://www.dhs.gov/cisa/infrastructure-security-division.

¹⁰ See https://www.dni.gov/index.php/nctc-who-we-are/organization/201-about/organization/information-sharingenvironment.

• Fusion centers.¹¹ Numerous states and large cities have established fusion centers to share information and intelligence.

DHS also partners with the Regional Consortium of Coordinating Councils, of which the following organizations are members:¹²

• Alaska Partnership for Infrastructure Protection
• All Hazards Consortium
• American Logistics Aid Network
• Association of Contingency Planners
• Bay Area Center for Regional Disaster Resilience
• Business Emergency Operations Center
• California Resiliency Alliance
• ChicagoFIRST, LLC
• Colorado Emergency Preparedness Partnership, Inc.
• Cyber Resilience Institute Organization
• Cyber Threat Intelligence Network Organization
• Financial Services Information Sharing and Analysis Center (FS-ISAC), Business Resiliency Committee
• Great Lakes Hazards Coalition
• InfraGard Los Angeles Members Alliance
• InfraGard Minnesota Members Alliance
• InfraGard Pittsburgh Members Alliance
• The Infrastructure Security Partnership
• Missouri Public Private Partnership
• The MITRE Corporation Organization
• National Health Information Sharing and Analysis Center
• Northeast Disaster Recovery Information X-Change
• Pacific Northwest Economic Region
• Pittsburgh Regional Business Coalition for Homeland Security
• Ready San Diego Business Alliance
• RPCfirst
• Safeguard Iowa Partnership
• Silver Shield - Critical Infrastructure Protection Program
• SoCalfirst
• South Florida Disaster Resiliency Coalition

___________________

¹¹ See https://www.dhs.gov/fusion-centers.

¹² See https://rtriplec.wordpress.com/members/.

• Southeast Emergency Response Network
• Southeast Wisconsin Homeland Security Partnership, Inc.
• U.S. Chamber of Commerce
• Utah Public Private Partnership Organization