Note: This page is part of the archive.

Archived Content

In an effort to keep current, the archive contains outdated information that may not reflect current policy or programs.

Stakeholder Engagement and Cyber Infrastructure Resilience

The Stakeholder Engagement and Cyber Infrastructure Resilience (SECIR) division within Cybersecurity and Infrastructure Security Agency (CISA) streamlines strategic outreach to government and industry partners, by leveraging capabilities, information and intelligence, and subject matter experts in order to meet stakeholder requirements. SECIR programs and initiatives build public, private and international partnerships and capacity for resilience across the Nation’s critical infrastructure and the cybersecurity community. For more information, email


An engaged and informed customer base driven to achieve a resilient and secure cyber space ecosystem.


  • Initiate and sustain strategic Critical Infrastructure (CI) & State, Local, Tribal and Territorial (SLTT) partnerships to develop approaches for longer cyber risk management.
  • Engage SLTT and CI partners to implement comprehensive but specific cyber preparedness and protective activities
  • Perform outreach and education activities and advocate for DHS cyber capabilities


Bradford Willke is the Acting Director of SECIR.

Best Practices

Critical Infrastructure Cyber Community Voluntary Program (C3VP)

The Department of Homeland Security’s (DHS) Critical Infrastructure Cyber Community Voluntary Program (C³ Voluntary Program) is a focal point for cybersecurity outreach and information for the Nation’s 16 sectors of critical infrastructure. The C³ Voluntary Program also serves small and midsize businesses, as well as department and agencies at all levels of government.

Established by a Presidential Executive Order (13636), the C³ Voluntary Program promotes use of the National Institute of Standards and Technology’s (NIST) Cybersecurity Framework. The Program also promotes a range of DHS cybersecurity tools, best practices, and services. These resources include technical assistance, implementation guidance on the Cybersecurity Framework, and a suite of cybersecurity guidance documents on conducting risk assessments, enhancing information sharing, developing workforce development programs, and conducting employee cybersecurity training and exercises. For more information, email or visit

  • Supports Cybersecurity Framework Functions: Identify, Protect, Detect, Respond, and Recover.

Cybersecurity Advisors

The Department of Homeland Security’s (DHS) Cybersecurity Advisors (CSAs) offer assistance to help prepare and protect private sector entities and SLTT governments from cybersecurity threats. CSAs promote cybersecurity preparedness, risk mitigation, and incident response capabilities, working to engage stakeholders through partnership and direct assistance activities.

CSAs are distributed personnel assigned to 10 regions throughout the U.S., which are aligned to the Federal Emergency Management Agency (FEMA) regions. CSAs engage organizations in order to cultivate partnerships, deliver cybersecurity services, and create channels of communication to DHS cyber programs and Department leadership.

Cybersecurity Advisors offer six types of services:

  1. Cyber Preparedness: On-site meetings to answer questions, exchange ideas and information, and address concerns about cybersecurity — promoting best practices, resources, and partnership experiences.
  2. Strategic Messaging: Briefings, keynotes, and panel discussions delivered to help improve cybersecurity awareness and organizations’ cybersecurity posture — including timely and relevant information on DHS services and operational activities.
  3. Working Group Support: Workshops to join stakeholders in existing cybersecurity initiatives and groups to enhance information sharing — improving policy, procedures, and best practice, and facilitating lessons-learned.
  4. Partnership Development: Engagements to build and mature local and regional cybersecurity private-public partnerships, and move partnerships from awareness building to operational capabilities.
  5. Cyber Assessments, CSAs conduct the following:
    1. Cyber Infrastructure Survey (CIS): Survey focused on over 80 cybersecurity controls in five domains, resulting in an interactive decision support resource.
    2. Cyber Resilience Review (CRR): Strategic evaluation that assesses cybersecurity management capabilities and maturity as applied to protect critical information technology (IT) services.
    3. External Dependency Management (EDM): Assessment of the management activities and practices utilized to identify, analyze, and reduce risks arising from third parties.
  6.  Incident Coordination and Support: Activities to facilitate cyber incident response and to coordinate information requests in times of increased threat, disruption, and attack.

Contact Information:

For a comprehensive review of services and packages the CSA program offers please visit

For more information about the CSA Program or to inquire about your region’s CSA, please email

  • Supports Cybersecurity Framework Functions: Identify, Protect, Respond, and Recover.

Information Sharing

Multi-State Information Sharing and Analysis Center (MS-ISAC)

MS-ISAC is designated by DHS as the cybersecurity Information Sharing and Analysis Center (ISAC) for SLTT governments. The MS-ISAC is grant-funded and serves as the key resource for cyber threat prevention, protection, response, and recovery for the Nation’s SLTT governments. The MS-ISAC provides advisories, newsletters, cybersecurity guides and toolkits, working groups, monthly calls, and many more services to all members at no cost.

Through its 24/7 Security Operations Center (SOC), the MS-ISAC functions as a central resource for situational awareness and incident response for SLTT governments while sharing and coordinating real-time risk information to support national cybersecurity situational awareness. The SOC provides real-time network monitoring, dissemination of early cyber threat warnings, and vulnerability identification and mitigation to reduce risk to the Nation’s SLTT government cyber domain. For more information, email or visit

  • Supports Cybersecurity Framework Functions: Identify, Protect, and Detect.

The Automated Indicator Sharing (AIS)

AIS capability enables the exchange of cyber threat indicators between the Federal Government and the private sector at machine speed. AIS is part of DHS’s effort to create an ecosystem where as soon as a company or Federal agency observes an attempted compromise, the indicator is shared in real time with all partners. AIS is available at no charge to all SLTT governments, private sector entities, ISACs, and Information Sharing and Analysis Organizations (ISAOs), and foreign partners and companies. For more questions on this topic or CISA in general, please contact To report anomalous cyber activity and/or cyber incidents 24/7 email or (888) 282-0870.

  • Supports Cybersecurity Framework Functions: Identify, Protect, Detect, and Respond.

Cyber Information Sharing and Collaboration Program (CISCP)

CISCP Information sharing is a key pillar of effective cybersecurity. By sharing information rapidly between the government and the private sector, network defenders are able to block cyber threats before damaging compromises occur. DHS and participating companies share information about cyber threats, incidents, and vulnerabilities. Information shared via CISCP allows all participants to better secure their own networks and helps support the shared security of CISCP partners. Additionally, CISCP provides a collaborative environment where analysts learn from each other to better understand emerging cybersecurity risks and effective defenses. CISCP is based upon a community of trust in which all participants seek mutual benefit from robust information sharing and collaboration.

CISCP is free of charge and provides value to all members. Therefore, all companies with an interest in multi-directional cybersecurity information sharing and robust analytic collaboration between the government and the private sector should consider joining CISCP. For more information, go to

  • Supports Cybersecurity Framework Functions: Identify, Protect, Detect, Respond, and Recover.

SLTT Security Clearance Initiative

SLTT Security Clearance Initiative grants security clearances to state Chief Information Officers (CIOs) and Chief Information Security Officers (CISOs), which enables them to receive actionable classified and sensitive information about current and recent cyber incidents and threats to better inform their cyber risk management decisions. For more information, email

  • Supports Cybersecurity Framework Functions: Identify, Protect, Detect, Respond, and Recover.

Cyber Ecosystem

National Initiative for Cybersecurity Careers and Studies (NICCS)

NICCS is a public-facing Website that connects the Nation to the cybersecurity training and education information necessary to ensure citizens and the workforce have more dynamic cybersecurity skills. For more information, visit

  • Supports Cybersecurity Framework Functions: Protect.

The Federal Virtual Training Environment (FedVTE)

FedVTE is a free, online, on-demand cybersecurity training system that is available at no charge for U.S. government personnel and veterans. Managed by DHS, FedVTE contains training on topics such as ethical hacking and surveillance, risk management, and malware analysis. Visit FedVTE at

  • Supports Cybersecurity Framework Functions: Protect.

The NICCS Education and Training Catalog

The NICCS Education and Training Catalog serves as the central location where cybersecurity professionals across the nation can find over 3,000 cybersecurity-related courses across the Nation. Courses help participants increase their expertise, earn a certification, or even transition into a new career. All of the courses are aligned to the NICE Cybersecurity Workforce Framework. To search the catalog, and to find a wide range of cybersecurity education, training, and workforce development resources, visit

  • Supports Cybersecurity Framework Functions: Protect.

The NICE Cybersecurity Workforce Framework

The NICE Cybersecurity Workforce Framework provides a blueprint to categorize and describe cybersecurity work. It is organized into Work Roles, Specialty Areas, tasks, and knowledge, skills, and abilities (KSAs). The Framework provides a common language to speak about cyber roles and jobs and helps define personal requirements in cybersecurity. To explore the Framework, visit

  • Supports Cybersecurity Framework Functions: Protect.

The Cybersecurity Workforce Development Toolkit

The Cybersecurity Workforce Development Toolkit helps organizations understand their organization’s cybersecurity workforce and staffing needs to protect their information, customers, and networks. This Toolkit includes tools such as cybersecurity career path templates, and recruitment resources to recruit and retain top cybersecurity talent. To download the toolkit, visit

  •  Supports Cybersecurity Framework Functions: Protect.

The Stop.Think.Connect. Campaign

The Stop.Think.Connect.Campaign. The Department of Homeland Security’s National Awareness Programs manages the Stop.Think.Connect. Campaign, a national public awareness campaign aimed at increasing the understanding of cyber threats and empowering the American public to be safer and more secure online. The Campaign provides a variety of resources, including blogs, newsletters, and tip cards, to give Americans the tools and information they need to make more informed decisions when using the Internet.

  • Supports Cybersecurity Framework Functions: Protect.

National Cyber Security Awareness Month

The Department of Homeland Security also leads the federal execution of National Cyber Security Awareness Month (NCSAM) every year in October. NCSAM is designed to engage and educate public and private sector partners through events and initiatives to raise awareness about the importance of cybersecurity.

  • Supports Cybersecurity Framework Functions: Protect.

Cybersecurity Education and Training Assistance Program (CETAP)

Through the CETAP grant, DHS has teamed up with the Cyber Innovation Center (CIC) to offer project-driven, application-based curricula that can be easily integrated into current STEM and education standards. The curricula encompasses 342 weeks of STEM and cyber-related content, which can be taught over 9 full year-long courses in middle and high schools. All courses include free lesson plans, activities, and assessments. This modular project-driven content offers rigorous learning opportunities that are highly engaging and hands-on, to help students build aptitude in problem-solving and analytical skills – all of which are necessary in the cybersecurity profession. Visit to learn more about the curricula.

  • Supports Cybersecurity Framework Functions: Protect.

To continually nurture students’ interest and aptitude in cybersecurity, DHS co-sponsors the CyberCorps®: Scholarship for Service (SFS) program, which offers collegiate scholarships to undergraduate, graduate, and doctoral students. The scholarship awards can help cover the cost of tuition including books, and offer stipends for students – up to $34,000. Recipients must pursue a cyber-related degree and agree to serve in a cybersecurity role with the government for a period equivalent to the length of their scholarship upon graduation.

Currently, there are more than 60 schools offering SFS scholarships across the country today - including a school in Puerto Rico. Since 2000, there have been over 2,300 graduates with a 97% placement rate in a government job. To learn more about the SFS program, visit

  • Supports Cybersecurity Framework Functions: Protect.

Federal Cybersecurity (Includes SLTT)

Continuous Diagnostics and Mitigation (CDM)

CDM  is a dynamic approach to fortifying the cybersecurity of government networks and systems. CDM provides Federal agencies with capabilities and tools that identify cybersecurity risks on an ongoing basis, prioritizes these risks based upon potential impacts, and enables cybersecurity personnel to mitigate the most significant problems first. DHS and the Government Services Administration (GSA) established a Government-wide acquisition vehicle to encourage CDM implementation by SLTT governments through the use of federally negotiated cost-saving arrangements. For more information on CDM, visit

  • Supports Cybersecurity Framework Functions: Identify, Protect, Detect, and Respond.

Information Technology and Communications Sector Risk Management Agency

In accordance with Presidential Policy Directive 21 (PPD-21) and the 2013 National Infrastructure Protection Plan (NIPP), Cybersecurity and Infrastructure Security Agency's (CISA) Stakeholder Engagement and Cyber Infrastructure Resilience Division (SECIR) serves as the Sector Risk Management Agency (SRMA) for the Information Technology (IT) and Communications critical infrastructure sectors. As detailed in the NIPP, SRMAs coordinate efforts across the critical infrastructure community to strengthen the security and resilience of their sectors, serve as the Federal interface for sector-specific activities, carry out incident management responsibilities consistent with statutory authority, support and facilitate technical assistance to identify sector vulnerabilities, and support annual reporting requirements.

The IT and Communications SRMA accomplishes these missions by serving as the focal point for coordination in the private-public partnership model, working with Sector Coordinating Councils (SCC); Government Coordinating Councils (GCC); the SLTT GCC; the Critical Infrastructure Cross-Sector Council; the Federal Senior Leadership Council; the Regional Consortium Coordinating Council; and information sharing organizations (e.g., Information Sharing and Analysis Centers). In addition to supporting the IT and Communications Sectors, the IT and Communications SRMA provides information across the critical infrastructure community to increase the security and resilience of the Nation’s critical infrastructure.

Additional IT and Communications Sectors informational inks:

IT Sector:

IT Sector Council Charter and Membership:

IT Sector Sector-Specific Plan:

Communications Sector:

Communications Sector Charter and Membership:

Communications Sector-Specific Plan:

General inquiries inbox for the Communications Sector:

National Security Telecommunications Advisory Committee (NSTAC)

Meeting our Nation’s critical national security and emergency preparedness (NS/EP) challenges demands attention to many issues. Among these, none could be more important than the availability and reliability of telecommunication services. The President’s National Security Telecommunications Advisory Committee (NSTAC) mission is to provide the U.S. Government the best possible industry advice in these areas. To learn more, visit or email

Supports Cybersecurity Framework Functions: Identify, Protect, Detect, Respond, and Recover.

Was this webpage helpful?  Yes  |  Somewhat  |  No