Military Review English Edition March-April 2016 | Page 82

Singer and Friedman point out, “the private sector
In February 2015, EO 13691 directed DHS
controls roughly 90 percent of U.S. critical infrastructo develop Information Sharing and Analysis
ture, and the firms behind it use cyberspace to, among Organizations (ISAOs).60 These organizations extend
other things, balance the levels chlorination in your
the ISACs model beyond the sixteen critical infracity’s water, control the flow of gas that heats your
structure sectors to other high-value sectors like law
home, and execute the financial transactions that keep and accounting firms, which are prime targets for cycurrency prices stable.”51 DHS Assistant Secretary for
berattacks.61 EO 13691 directs the NCCIC to superCybersecurity and Communications Andy Ozment
vise ISAO arrangements.62 Still in its infancy, ISAOs
explains, “There’s no way that the government is going seek to provide cooperation despite distrust and fricto be able to help every company in America secure
tion between the government and other stakeholditself.”52 Public-private cooperation is fundamental to
ers. Such a balancing act parallels the Army’s future
building an adaptive cybersecurity framework.53
information environment and significantly impacts
In 1998, Presidential Decision Directive 63
the Army’s conduct of stability operations.
launched Information Sharing and Analysis Centers
(ISACs), which invite private sector stakeholders to
Conclusion
build networks to exchange best practices and facilitate
Stability operations doctrinally require coorcrisis response.54 ISACs rely on private industry for
dination with the host-nation government, com“non-regulatory and non-law enforcement missions.”55
mercial industry, multinational partners, and even
They are “a clearinghouse for information within and
nongovernmental organizations (NGOs). This
among the various sectors, and provide a library for
cooperative mindset applies to cyberspace operhistorical data to be used by the private sector and,
ations. Since governments rely on cyberspace to
as deemed appropriate by the ISAC, by the governprovide essential services, cybersecurity requires a
ment.”56 Since 1998, the ISACs model has evolved to
sixth line of effort that simultaneously supports the
facilitate cooperation
between federal, state,
local, tribal, and territorial governments.
In 2013, PPD-21
ordered DHS to create two
national centers to oversee
physical and cyber infrastructure protection.57 DHS
incorporated this guidance
in its National Infrastructure
Protection Plan.58 The
National Infrastructure
Coordinating Center
oversees the physical domain, and the
National Cybersecurity
and Communications
Integration Center
(Photo by Staff Sgt. David Bruce, 38th Infantry Division)
(NCCIC) handles the cyMore than 350 National Guard soldiers, airmen, and civilians from forty-two states converged
ber domain.59 These coordi- 9–20 March 2015 at Camp Atterbury, Indiana, to participate in Cyber Shield. The intent was to train
nation centers also facilitate the participants to defend critical infrastructure against cyberattacks. The exe