Acting CISA Director Nick Andersen said on May 21 that the Cybersecurity and Infrastructure Security Agency (CISA) is looking to develop an intergovernmental working group aimed at strengthening collaboration between government and critical infrastructure operators.
Speaking at the National Cyber Innovation Forum in Washington, D.C., Andersen emphasized that stronger public-private partnerships will be essential to securing the nation’s critical infrastructure and responding to the rapidly evolving cyber threat landscape driven in part by artificial intelligence (AI).
“We’re deliberatively working right now to prioritize critical infrastructure owner operator entities … [and] to develop an intergovernmental approach to a homeland defense working group,” Andersen said.
He said the effort would identify the infrastructure sectors most critical to public safety, national security, and the economy, while also examining where adversaries are already positioning themselves inside networks.
The initiative would bring together government agencies and private-sector infrastructure operators to develop “joint action plans” focused on improving resilience, Andersen said. He added that the goal is not to prevent every cyber incident, but to ensure organizations can recover quickly when attacks occur.
“Everybody in the world has a vulnerability that’s exploited, and being able to look at ease of recoverability and ease of normalized resilience metrics that are going to be able to get us there – that’s really where we have to invest our time moving forward,” Andersen said.
Throughout the discussion, Andersen stressed that the federal government and private sector must work together to address longstanding cybersecurity weaknesses, including what he described as mounting “tech debt” across both public- and private-sector systems.
“We’ve not made the right level of investment required in order to be able to readily secure ourselves for the future,” Andersen said. “We put a lot of these things off.”
He warned that AI-driven advances in vulnerability discovery are likely to accelerate cyber risks and place new pressure on government, software vendors, and the open-source software community.
“The open source community is one that I’m particularly worried about when we start to think about the rapid escalation of vulnerability discovery,” Andersen said, adding that organizations will soon face difficult decisions about where to invest security resources.
To respond, Andersen said CISA is prioritizing deeper operational coordination with industry through existing partnerships such as the Joint Cyber Defense Collaborative, as well as new ones designed to make it easier for infrastructure operators and federal agencies to work together.
“I don’t necessarily want individual agencies and departments trying to think about how they’re going to solve this problem on their own, or an owner operator thinking about how they’re going to try to solve this problem on their own,” Andersen said.
“So, we’re looking at what are the right sort of transactional relationships that we can establish to help make that as easy and seamless as possible for people as they begin to move forward,” he said.