The CSC 2.0 project, the successor to the Cyberspace Solarium Commission, has released a report offering recommendations to improve collaboration between the public and private sectors in protecting U.S. critical infrastructure and address considerations that require an update to the Presidential Policy Directive 21.
According to the report, PPD-21 created strategic goals for safeguarding critical infrastructure, designated 16 critical infrastructure sectors and assigned a sector-specific agency to each sector.
The report calls for the current administration to rewrite PPD-21 by identifying strategic changes and clarifying the roles and responsibilities of the Cybersecurity and Infrastructure Security Agency as the national risk management agency. It also tasks the administration with facilitating accountability and addressing questions around the organization and designation of critical infrastructure sectors and assigned sector risk management agencies, CSC 2.0 said Wednesday.
According to the document, the White House and Congress should support the PPD-21 rewrite and strengthen the effectiveness of public-private collaboration with several measures.
These include strengthening CISA’s capabilities to carry out its responsibilities as NRMA, resourcing SRMAs for the responsibilities they have and developing a functional capacity to facilitate information sharing across all sectors, as well as organizing public-private collaboration to mitigate systemic and cross-sector risks, identifying a way to support, catalog and protect priority infrastructure and ensuring an effective emergency response.
In April, CSC 2.0 issued a report concluding that space systems should be designated as a U.S. critical infrastructure sector.
