Information Sharing: A Vital Resource for Critical Infrastructure Security and Resilience

In today’s interconnected world, every second can make a difference in either preventing an incident or responding to an event that affects the Nation’s critical infrastructure. The ability of federal, state, local, tribal, territorial, and private sector partners to share accurate information quickly is essential to the Nation’s security and resilience.

Information Sharing Enables Decision-Making

Photo of the Office of Infrastructure ProtectionThe Cybersecurity and Infrastructure Security Agency's Infrastructure Security division plays a vital role—both directly and through a network of partners—to enable informed decisions and timely actions among the 16 critical infrastructure sectors as they execute security and resilience activities. In support of the larger DHS information-sharing platform, IP supports information-sharing processes that allow informed action on three levels:

  • Situational awareness in both normal, day-to-day operations and a crisis or event, including suspicious activity reporting, incident analysis, and recommended protective actions.
  • Operational and tactical risk management actions in anticipation of and response to a threat to critical infrastructure at a specific location or across an entire sector.
  • Strategic planning and investment to build capabilities that strengthen critical infrastructure security and resilience for the future.

IP facilitates information sharing through:

  • Alerts, threats, and warnings – Ensures situational awareness of potential and actual threats and catalyzes action.
  • Effective risk management programs – Informs private sector investment decisions and government analysis and planning.
  • Collaboration and coordination – Supports the development of plans, strategies, protective measures, preparedness, risk mitigation, and response and recovery efforts.

Information shared within a structured and secure information sharing environment helps critical infrastructure owners and operators guide investments, implement protective programs, and ensure effective response to infrastructure threats as they arise.

Tools to Support Information Sharing

The Department has established several operations and tools to support information sharing within and among the critical infrastructure sectors. These include:

  • Homeland Security Information Network - Critical Infrastructure (HSIN-CI) — HSIN is the trusted network for homeland security mission operations to share Sensitive But Unclassified (SBU) information. The Critical Infrastructure community on HSIN (HSIN-CI) is the primary system through which private sector owners and operators, DHS, and other Federal, state, and local government agencies collaborate to protect the Nation’s critical infrastructure. HSIN-CI provides real-time collaboration tools including a virtual meeting space, document sharing, alerts, and instant messaging at no charge.
  • CISA Gateway (CISA Gateway) — The CISA Gateway serves as the single interface through which DHS partners can access a large range of integrated infrastructure protection tools and information to conduct comprehensive vulnerability assessments and risk analysis.
  • National Infrastructure Coordinating Center (NICC) — The NICC is the 24/7 information coordination and sharing operations center that maintains situational and operational awareness, communication, and coordination among the critical infrastructure public and private stakeholders.
  • National Risk Management Center (NRMC) — NRMC evaluates the potential consequences of disruptions across the cyber-physical domain through an integrated analytical approach that implements deliverables required by Presidential Policy Directive 21 and Executive Order 13636.
  • Protected Critical Infrastructure Information (PCII) Program — The PCII Program works with government organizations and the private sector to protect critical infrastructure information needed for effective incident management, as well as steady-state operations and preparedness.
  • Protective Security Advisors (PSAs) — PSAs are security subject matter experts strategically deployed across the United States to protect the Nation’s critical infrastructure by providing state, local, tribal, territorial, and private sector partners access to DHS risk-mitigation tools, products, and services and by supporting officials responsible for planning and leading major events. In addition, PSAs support response and recovery efforts to all-hazard incidents through field-level coordination and information sharing.
  • TRIPwire (Technical Resource for Incident Prevention) — TRIPwire is a 24/7, online, collaborative information-sharing and resource portal for bomb technicians, first responders, military personnel, government officials, intelligence analysts, private sector security professionals, and critical infrastructure owners and operators to increase awareness of evolving improvised explosive device (IED) tactics, techniques, and procedures, as well as incident lessons learned and other counter-IED information.

The Department partners with other organizations to provide additional information-sharing support to its security partners. These include:

  • Sector-Specific Agencies (SSAs) — SSAs maintain ongoing relationships with each critical infrastructure sector and often provide information essential to identify vulnerabilities and all-hazard risks and develop protective programs.
  • Information Sharing Environment — The Office of the Director of National Intelligence manages the federal Information Sharing Environment.
  • National Explosives Task Force — The Task Force is an interagency office led by the FBI that fuses technical IED/explosives expertise from multiple federal agencies to support intelligence and law enforcement investigation activities.
  • Fusion Centers — Numerous states and large cities have established fusion centers to share information and intelligence.

Critical Infrastructure Threat Information Sharing Framework: A Reference Guide for the Critical Infrastructure Community

The Critical Infrastructure Threat Information Sharing Framework, a guide for critical infrastructure owners and operators as well as other critical infrastructure security and resilience stakeholders, describes how threat information is shared between the Federal Government and owners and operators. This framework includes descriptions and contact information for key threat information-sharing entities, as well as case studies that show how threat information sharing works in practice.

The Critical Infrastructure Information Sharing Environment

The Critical Infrastructure Information Sharing Environment is a unique framework that provides the tools needed to allow security partners to share vital information, which in turn helps them manage their infrastructure security and risk, respond to events, and enhance resilience.

The Intelligence Reform and Terrorism Prevention Act, signed into law December 2004, established the Director of National Intelligence and called for the creation of a National Information Sharing Environment (ISE). The Office of Infrastructure Protection was charged with implementing the primary private sector component of the National ISE, and, in 2007, established the Critical Infrastructure Information Sharing Environment.

Through today's Critical Infrastructure Information Sharing Environment, all partners have a stake in setting the individual information-sharing requirements that best suit the needs of each critical infrastructure sector.

IP works closely with each participating Sector Coordinating Council, Government Coordinating Council, and their respective Information Sharing Working Groups to identify for each sector what information is meaningful, how it is best distributed, who receives it, and how it is protected. These "knowledge networks" ensure that the right data, information, and knowledge is gathered and shared with the right people. Visit Critical Infrastructure Protection Partnerships for more information.

IP is also working closely with state and major urban area fusion centers and regional partnerships and coalitions to ensure timely information is available to the communities and local responders who need it. Learn more about Regional Partnerships and Mission Collaboration.

For more information, contact the Critical Infrastructure ISE at

Was this webpage helpful?  Yes  |  Somewhat  |  No