After receiving credible information about an al-Qaida threat to high-profile buildings where financial institutions were located, the U.S. Department of Homeland Security shared that information through the InfraGard network. InfraGard then used the Sector Chief Program to rapidly disseminate the necessary details to the right people within those institutions.
In the years following 9/11, many efforts have been made to create organizations and improve processes for information sharing related to national security. At the heart of this effort is the protection of the nation’s critical infrastructure. Examples show how a threat, attack, or natural disaster – from tornadoes and hurricanes to the threat of a terrorist attack – can have a great and cascading impact on a region.
In an effort to prepare for, respond to, and recover from such events, both Presidential Policy Directive-21 (PPD-21: Critical Infrastructure Security and Resilience) and Executive Order 13636 (EO 13636: Improving Critical Infrastructure Cybersecurity) were issued in February 2013. These documents provide guidance for public and private partnerships to optimize information sharing for the protection of critical infrastructure.
Establishing Sector-Specific Leaders
As the premier public-private partnership for critical infrastructure protection, InfraGard’s mission is to provide a conduit for information sharing between and among critical infrastructure owners and operators and government agencies. The Federal Bureau of Investigation (FBI) sponsors the InfraGard program, which has over 37,000 members affiliated with 84 local InfraGard chapters across the country. However, with this many members and chapters nationwide, a system had to be developed to improve the efficiency of that information sharing.
In 2004, the Kentucky (KY) InfraGard Members Alliance (IMA) developed the Sector Chief Program as a means to better know who their members were, what sectors they represented, and what sectors were not well represented. Theea was then to recruit members from those sectors for which there were gaps. Once several members wereentified for a sector, one member was selected who would serve as the lead for the sector within the IMA. These select members were the first sector chiefs. Theeal candidates for sector chief were those who had affiliations with other sector-specific professional associations. This would ensure that the sector chiefs kept well apprised of the issues, concerns, events, and best practices of their sectors. They would be knowledgeable as well as have a network for information sharing that extended beyond the membership.
Sector chiefs met periodically with the local board to discuss issues across sectors. They would then assist in sector-specific trainings and information sharing for the quarterly membership meetings. Lastly, sector chiefs would serve as the point of contact for information flow between the members of their respective sectors and government agencies (e.g., FBI, U.S. Department of Homeland Security [DHS], etc.). This could be for more routine purposes (to serve as a subject matter expert for a case) or, in the event of a threat, for the FBI to quickly notify the proper point of contact within the sector in that region.
Sector Chiefs in Action
On Sunday, 1 August 2004, DHS received credible information from InfraGard of a threat to U.S. and international financial institutions based in the United States. Al-Qaida was planning to attack high-profile buildings in which financial institutions were located. Then-DHS Secretary Tom Ridge held an emergency conference call with the state Homeland Security offices (or equivalents) within each state that Sunday afternoon.
Following the call, a representative of the KY Office of Homeland Security contacted the KY IMA leadership and asked for the contact information for the banking and finance sector chief. He then was able to contact the sector chief and brief him on the information that was shared on the call. The sector chief then was able to share information on the threat and the government’s evaluation and response with other members of the banking and finance sector. Those members were prepared and ready when their banks and financial institutions opened on Monday morning. There were no surprises and no panic.
Expansion of a Successful Program
In 2004, other IMAs began standing up their own Sector Chief Programs with the assistance of the KY IMA. Some IMAs named a few sector chiefs, whereas others named one for each sector. Their relationships with the state and federal government were different from one to the next as well. In 2013, all 84 InfraGard chapters were asked to form a Sector Chief Program. The InfraGard national leadership and the FBI worked together to develop guidance for the IMAs. The stated mission of the Sector Chief Program is to efficiently “identify sector-specific experts, organize InfraGard membership to utilize its resources, and streamline dissemination of information to protect and address vulnerabilities in the critical infrastructure.”
Each InfraGard chapter works with the FBI field office with which it is affiliated to determine the priority critical infrastructure sectors for that field office/region. Chapters appoint sector chiefs for one or more of the top sectors. Although some chapters appoint sector chiefs (and deputy sector chiefs) for all sectors, most appoint them only for the priority sectors. One of the benefits for volunteers to serve as sector chiefs is the eligibility for a federal security clearance. However, this will not be processed for all sector chiefs, only those who may require it based on their sectors, locations, expected levels of information needed, and need to know.
An Evolving “National Asset” As the program continues to grow, more sector chiefs areentified and their roles expanded, InfraGard is planning toentify national sector chiefs that will have affiliations/contacts with their respective sector-specific agencies. These national sector chiefs will be able to connect federal agencies with the sector chief in any area of the country as needed and rapidly share information from a national perspective. As InfraGard has grown and matured over its 19 years, it has evolved to become a “national asset” as quoted in March 2014 by senior leadership in the FBI. The members have become more engaged and active participants in InfraGard and, as a direct result, in the protection of national security.
Sheri Donahue is cyber security and strategic partnerships director for Humana Inc. in Louisville, Kentucky (KY). She previously served as: program manager for security and intelligence at the Indian Head Division of the Naval Surface Warfare Center; director of customer support for DisastersNet Inc.; managing director of the INMA; and executive director and president of the Cyber Conflict Studies Association (CCSA) at the Norwich University Applied Research Institutes. She also served, for 16 years, as an engineer and special programs manager for the Department of the Navy. She has been with InfraGard since 2003, served on the National Board from 2004 to 2012, and has been national president since 2012. As a member of the KY InfraGard chapter in 2003, she co-created the first Sector Chief Program.