The Partnership and Engagement (P&E) branch of Stakeholder Engagement and Cyber Infrastructure Resilience (SECIR) serves as the Cybersecurity and Infrastructure Security Agency's (CISA) focal point for strategic and customer engagement with State, Local, Tribal and Territorial (SLTT) and private sector customers. P&E consists of three inter-dependent sections: Industry Engagement, SLTT Engagement, and the Customer Experience Management Office.
State, Local, Tribal and Territorial (SLTT) Outreach
The SLTT section’s mission is to build partnerships with non-Federal, public stakeholders in an effort to foster relationships that protect our Nation’s critical infrastructure. Across each state, primary stakeholders include Homeland Security Advisor (HSA), Chief Information Officers (CIO) and Chief Information Security Officers (CISO). As highlighted below, to increase reach and impact across the Nation, the SLTT section partners with major State and local organizations in an overall effort to reduce cyber risk. For information pertaining to the following initiatives, please contact SLTTCyber@hq.dhs.gov.
Multi-State Information Sharing and Analysis Center (MS-ISAC):
The MS-ISAC is designated by DHS as the cybersecurity Information Sharing and Analysis Center (ISAC) for SLTT governments. The MS-ISAC is grant-funded and serves as the key resource for cyber threat prevention, protection, response, and recovery for the Nation’s SLTT governments. The MS-ISAC provides advisories, newsletters, cybersecurity guides and toolkits, working groups, monthly calls, and many more services to all members at no cost.
Through its 24/7 Security Operations Center (SOC), the MS-ISAC functions as a central resource for situational awareness and incident response for SLTT governments while sharing and coordinating real-time risk information to support national cybersecurity situational awareness. The SOC provides real-time network monitoring, dissemination of early cyber threat warnings, and vulnerability identification and mitigation to reduce risk to the Nation’s SLTT government cyber domain. For more information, email email@example.com or visit www.cisecurity.org/ms-isac.
SLTT Strategic Initiatives:
The SLTT section partners with major State and local organizations on strategic initiatives focused on reducing cyber risk across the SLTT enterprise. These partnerships act as force multipliers for representing the SLTT community and promoting DHS services and programs. Established partnerships include: National Association of Counties (NACo), National Association of State Chief Information Officers (NASCIO); National League of Cities (NLC); National Conference of State Legislatures (NCSL); National Cyber Security Alliance (NCSA); National Governors Association (NGA); State, Local, Tribal and Territorial – Government Coordinating Council (SLTT-GCC).
Election Infrastructure Coordination:
In January 2017, DHS designated Election Infrastructure as Critical Infrastructure, creating it as a subsector under Government Facilities. Working directly with the Sector Specific Agency (SSA) in DHS’ Office of Infrastructure Protection (IP), the SLTT section coordinates directly with state and local election officials on strategic cyber initiatives to secure the Nation’s Election Infrastructure, and serves as the front line coordination element for access to all CS&C cyber services and programs.
Customer Experience and Management Office (CEMO)
The Customers Experience Management Office is intended to serve as the “front door” for private sector and SLTT partners, seeking to participate in CS&C services. In so doing, the CEMO Section will improve customer satisfaction with CS&C cybersecurity programs by streamlining coordination and engagement with industry partners.
The CEMO Section executes the following roles and responsibilities:
- Serve as the main POC for industry, international, SLTT inquiries for newly interested CS&C information sharing programs, including through direct coordination with the NCCIC and field personnel such as Cyber Security Advisors.
- Lead information briefings to private sector, international, and SLTT customers, including “cross-selling” CS&C programs.
- Develop and report on customer service metrics for all steady-state CS&C programs
- Manage the on-boarding process for specific CS&C programs. This role includes Cooperative Research and Development Agreement (CRADA) management, security processing for CRADA signatories, and AIS on-boarding.
Industry Engagement and Resilience (IER)
IER works with the private sector, its industry associations, and across all critical infrastructure sector partnerships to define cybersecurity strategies, organize and inform resource and capability needs and reporting requirements for cybersecurity. IER develops and implements risk management strategies and approaches.
Advisory Council Management:
Provides support and analyses to public-private sector forums focused on improving national security and emergency preparedness (NS/EP) telecommunications capabilities.
- President’s National Security Telecommunications Advisory Committee (NSTAC) provides industry-based analyses and recommendations to the President and the Executive Branch regarding policy and enhancements to NS/EP telecommunications.
- Network Security Information Exchange is a forum for public-private sector participants to voluntarily share sensitive information on threats to operations, administration, maintenance, and provisioning systems supporting the telecommunications infrastructure.
Critical Infrastructure Cyber Community Voluntary Program (C3VP):
The Department of Homeland Security’s (DHS) C³VP is a focal point for cybersecurity outreach and information for the Nation’s 16 sectors of critical infrastructure. The C³ Voluntary Program also serves small and midsize businesses, as well as department and agencies at all levels of government.
Established by a Presidential Executive Order (13636), the C³ Voluntary Program promotes use of the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework. The Program also promotes a range of DHS cybersecurity tools, best practices, and services. These resources include technical assistance, implementation guidance on the Cybersecurity Framework, and a suite of cybersecurity guidance documents on conducting risk assessments, enhancing information sharing, developing workforce development programs, and conducting employee cybersecurity training and exercises.
National Security Telecommunications Advisory Committee (NSTAC):
Meeting our Nation’s critical national security and emergency preparedness (NS/EP) challenges demands attention to many issues. Among these, none could be more important than the availability and reliability of telecommunication services. The President’s National Security Telecommunications Advisory Committee (NSTAC) mission is to provide the U.S. Government the best possible industry advice in these areas. To learn more, please email NSTAC@hq.dhs.gov.