Top House cyber lawmaker to press DHS on key infrastructure group’s shutdown
New York Rep. Andrew Garbarino, the lead Republican on the House Homeland Security Committee’s cybersecurity panel, plans to approach the Department of Homeland Security with concerns about the agency shuttering a key information-sharing group used by critical infrastructure owners and operators to exchange cyber and physical threat intelligence with the government.
Last week, DHS Secretary Kristi Noem dissolved the Critical Infrastructure Partnership Advisory Council, along with several other advisory groups, Politico reported Monday. CIPAC is tied to the Cybersecurity and Infrastructure Security Agency within DHS.
Through a sector partnership model, CIPAC has been used to facilitate discussions among members of government coordinating councils, sector coordinating councils and cross-sector groups on critical infrastructure planning, implementation and operational concerns.
Garbarino, a longtime advocate of CISA, told Nextgov/FCW after a Tuesday hearing on cybersecurity regulatory harmonization that he’s going to look into the group’s disbandment because it’s used to alert stakeholders on not just cyber threats, but also physical events — such as weather disasters — that could harm critical infrastructure like power grids and pipelines.
“It’s not just some do-nothing board, you know? I’m going to follow up with [DHS] and find out why they went this way,” he said. “I get it. You don’t want the whole thing, but [CIPAC] did do some good work.”
He made the same promise to industry representatives in the hearing, saying that he plans to speak to the Trump administration. “We don’t want industry not sharing information with us; we don’t want industry not sharing information with each other because when that happens, it just increases the vulnerabilities that are out there.”
DHS did not immediately return a request for comment.
Scott Aaronson, a senior vice Senior Vice President at the Edison Electric Institute who testified at the hearing, noted that “90%, give or take, of critical infrastructure is owned by the private sector.”
“This is a team sport, and CIPAC is the rulebook for how those teams — industry and government — can work collaboratively with protections, with the ability to have ongoing dialogs with sector coordinating councils that facilitate information sharing to prepare for the response to all of these hazards,” he said. “CIPAC or something like it is vital to our ability to use that partnership effectively.”
