When it comes to Critical Infrastructure, everything isn’t sectors and sector specific agencies. There are other truly important entities in a sector. These councils are not the “of Troy” type, but they are just as important if you’re in a sector. There are too many variations of these councils to discuss them all in one post, so I’ll focus on two types as examples. The others function similar to these.
Government Coordinating Councils (GCC) represent levels of government. Federal, state, local, tribal, and territorial, when they are involved in managing and interacting with a type of critical infrastructure, they are all represented. Sometimes, each level of government has its own council. Sometimes all are represented on one council. The infrastructure’s issues and attributes help the SSA and Co-SSA make this determination.
These councils enable interagency and intergovernmental cooperation to support national security efforts. Essentially, they facilitate communication in the sectors, from the members of the council to the Sector Specific Agency (SSA) and the Department of Homeland Security (DHS) and from DHS and the SSA to the members of the council. For example, the GCC for the Government Facilities Sector’s charter defines its role as furthering continuous improvement of security and resilience efforts in the sector, and promoting best practices in cyber and physical risk management.
DHS is directly represented on these councils too; each of them is co-chaired by the DHS Assistant Secretary for Infrastructure Protection or his/her designee. (https://www.dhs.gov/sites/default/files/publications/cipac-govt-facilities-gcc-charter-2015-508.pdf) DHS’s involvement is “critical” because, at times, it allows the councils to communicate security-sensitive information without fear of FOIA requests.
Another type of council is Sector Coordinating Councils. They, like all councils are self-organized, self-run, and self-governed, but these represent the private sector. They consist of owners and operators, or their representatives, of private sector components of a critical infrastructure sector. They perform similar duties as the GCCs, and they serve as principal collaboration points between the government and private sector entities for critical infrastructure security. However they represent the private sector’s interests instead of levels of governments’ interests.
So, in this blog-trek towards understanding Critical Infrastructure, we already had the NIPP, and HSPD-7 governing the identification of Critical Infrastructure. We had DHS sorting Critical infrastructure into sectors and subsectors, and we had SSAs and Co-SSAs manage the sectors. Now we see one layer deeper, the councils. Next post, I’ll talk about ISACs and ISAOs.