CybersecurityInfrastructure

DHS Revives Cybersecurity Council for Critical Infrastructure

Analyst 207||Source: CyberScoop
Diverse groups from government and private sectors discuss cybersecurity in a meeting room overlooking cityscape.

“ANCHOR-CI will provide forums through which cybersecurity, law enforcement, intelligence, national security, and other government representatives at the federal, state, local, tribal, and territorial levels may engage representatives of private sector entities and critical infrastructure owners and operators,” DHS wrote in a federal register notice set to publish July 1.

DHS and CISA set out ANCHOR-CI’s stated mission

The Department of Homeland Security is reintroducing a formal mechanism for government–private-sector cybersecurity coordination in the form of the Alliance of National Councils for Homeland Operational Resilience – Critical Infrastructure program, or ANCHOR-CI. DHS says the new body is meant to “review[] the current threat environment, discuss[] potential vulnerabilities, and form[] recommendations on securing a more resilient critical infrastructure and cyberspace.” The federal register notice announcing the program is scheduled to publish on July 1, according to DHS.

Structure: four council types and CISA management

ANCHOR-CI will be managed by the Cybersecurity and Infrastructure Security Agency (CISA), which will appoint members to the council from industry, trade associations, state and local governments and “other sources,” the notice states. The organization will contain four distinct council types: (1) councils focused on federally designated critical infrastructure sectors, (2) cross‑sector councils to address emerging threats such as cyberattacks or zero‑day vulnerabilities, (3) critical infrastructure industry councils, and (4) regional coordinating councils.

Transparency: a Federal Advisory Committee Act exemption

A critical procedural difference between ANCHOR-CI and past arrangements is DHS’s decision to exempt the new body from the Federal Advisory Committee Act (FACA). In the notice, DHS said the exemption was issued “in recognition of the sensitive nature of the subject matter involved regarding the assessment and mitigation of security and operational risks.” CyberScoop’s reporting highlights that this FACA exemption removes public transparency requirements that had applied to previous advisory bodies.

How ANCHOR-CI differs from CIPAC and who chooses participants

ANCHOR-CI is explicitly being positioned as a successor to the Critical Infrastructure Partnership Advisory Council (CIPAC), a federal advisory body that previously allowed agencies such as the FBI, CISA and the intelligence community to coordinate with owners and operators across water, power, internet and telecommunications on cyber threats. CIPAC was disbanded under then‑Secretary of Homeland Security Kristi Noem; critical infrastructure owners and operators told CyberScoop they felt blindsided and lost access to federally enabled threat intelligence and cybersecurity support.

Several officials and former officials told CyberScoop the new structure gives CISA different levers of authority. Bob Kolasky, who ran the National Risk Management Center at CISA and now serves as senior vice president of critical infrastructure at Exiger, said ANCHOR “really puts CISA in the position of having authority over who participates,” a change from CIPAC. Kolasky described prior CIPAC operations as leaning “heavily on the idea that private sector coordinating councils were self‑governed and self‑organized,” with DHS officials managing the overall partnership but not selecting individual representatives.

What this means for critical infrastructure owners and CISA and state, local, tribal, and territorial governments

  • Critical infrastructure owners and operators: Many reported feeling “abandoned” after CIPAC’s disbanding. The reintroduction of ANCHOR-CI, and restoration of information‑sharing services (CyberScoop noted this as part of a broader effort and referenced ANCHOR‑AI in that context), restores a formal channel for direct engagement with federal cybersecurity, law enforcement and intelligence partners — albeit one that will operate outside FACA’s transparency rules.
  • CISA and federal partners: The federal register notice places membership and management authority with CISA. According to a former CISA official quoted in CyberScoop, the change increases the CISA director’s control over “the makeup and direction of the organization” compared with past arrangements under CIPAC.
  • State, local, tribal and territorial governments and trade associations: The notice specifically includes these entities as sources for council membership, meaning sub‑national governments and organized private groups will have a formal avenue to engage — provided they are selected under the processes CISA uses to appoint members.

Former CISA leadership and current industry voices cautioned that the practical value of ANCHOR-CI will depend on implementation details. Kolasky emphasized the need for “consistent processes” so membership does not hinge on favor with a particular agency or administration, and said he wants ANCHOR to function as “a partnership structure between industry and government and not something that is completely operated and mandated by the government.”

The federal register notice establishes the program’s legal posture and structure and carves out a FACA exemption; the degree to which ANCHOR‑CI restores the day‑to‑day trusted information sharing that owners and operators relied on under CIPAC will depend on how CISA exercises its appointment authority and how cross‑sector and regional councils are staffed and run. The notice’s publication on July 1 will be the next formal step in that process.

https://cyberscoop.com/dhs-anchor-ci-cybersecurity-information-sharing/

CisaCritical InfrastructureEmerging ThreatsHomeland SecurityNational SecurityDHSGovernment PartnershipsPublic Private PartnershipsANCHOR-CI
Related Intelligence

Continue Reading

Modern government office interior with network pattern in window.

Federal Agencies Modernize Security with Zero Trust Architecture

Federal agencies are revolutionizing their security approach with Zero Trust Architecture, shifting from mere compliance to a robust operational framework that enables seamless mobility, cloud modernization, and AI-driven decision making. By embracing this cutting-edge strategy, leaders are transforming their organizations to stay ahead of emerging threats.

Analyst 207
Smartphone displays AI chatbot interface on a clean, minimalist surface with a laptop in the background.

iOS AI Apps Expose API Keys, Open AI Proxy Access

Nearly two-thirds of AI chatbot apps for iPhone, that's 282 out of 444 tested, are leaking sensitive API keys, leaving users' data vulnerable to exposure through open AI proxy access. This alarming discovery highlights a critical security gap in many popular iOS AI apps.

Analyst 207
A well-lit computer workstation with a laptop and technical instruments in a clean, minimalist environment.

GuardFall Exposes AI Coding Agents to Shell Injection Risks

Researchers at Adversa AI have uncovered a shocking weakness, dubbed GuardFall, that lets advanced open-source coding agents slip past safety filters and execute destructive shell commands, exposing them to shell injection risks. This gap between text-based checks and shell execution leaves a trail of vulnerability wide open to exploitation.

Analyst 207
Modern office scene with people around a table, laptops, and a large screen displaying a blurred Teams interface.

Microsoft Bolsters Teams Security with Enhanced Bot Controls

Microsoft's new Teams admin policy gives you more control over third-party bots in meetings, allowing you to block unwanted guests and require explicit approval for external bots to join. This enhanced security feature can be easily managed for individual users or specific groups through the Teams Admin Center.

Analyst 207