CISA Significantly Expands List of 'Essential Critical Infrastructure' Workers

Over the weekend, the Cybersecurity and Infrastructure Security Agency added to its list of areas where workers should continue their regular operations amid “stay-at-home” orders under guidance the White House recently issued regarding management of the coronavirus pandemic. 

The new list, issued Saturday, is careful to include the private sector under headings such as “Law Enforcement, Public Safety, and other First Responders.” It also creates a new heading of “Commercial Facilities” and broadens applicable services listed under industries such as electricity, finance and communications and information technology.

CISA’s original list, issued March 19, did not include “External Affairs personnel” within the communications sector as essential, for example.

The agency acknowledged that only a brief period had elapsed before they updated the list in the “frequently asked questions” section of the post. 

CISA says the list was updated “based on feedback received since the guide was published.”

Following the update, USTelecom, the lead trade association for the telecommunications industry issued a press release, praising the CISA action.

“Today’s announcement expands the categories of communications workers to include vital support elements such as supply chain and logistics personnel, retail customer service personnel, and personnel responsible for infrastructure construction and restoration,” reads the USTelecom release.

Robert Mayer, USTelecom’s senior vice president for cybersecurity and innovation and chair of the communications sector coordinating council, added: “We applaud CISA for recognizing the essential role of communications employees operating under these extraordinary circumstances.”

The new CISA list also more explicitly lists workers who support the production of microelectronics and semiconductors among other tech industry activities.

Following CISA’s release of the original list, trade associations for the tech industry urged state and international governments to similarly classify workers for their operations as essential.

“BSA and its members believe that shelter-in-place orders and related policies limiting business operations should include exclusions, consistent with these CISA recommendations, to maintain vital functions performed by Information Technology (IT) and IT infrastructure,” BSA | The Software Alliance, wrote in a letter to U.S. governors.

In a March 26 press release, Aaron Cooper, vice president of global policy for BSA, added: “We urge governments around the world to adopt exceptions, as was done in the guidance from the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), in identifying IT and related services as essential during stay-at-home orders.”

The Information Technology Industry Council also implored state governments to adopt the CISA guidance in considering shelter-in-place policies, and specifically called out some international governments where it said policies lacked clarity regarding the information and communications technology industry. 

“In the United States, California and Maryland have adopted CISA guidance in full,” reads ITI’s March 26 press release. “Other states have adopted similar guidance, but inconsistencies and additional layers of requirements have created confusion and barriers for critical employees to get to work.”

“Countries including India, Malaysia, and Brazil have recently come out with their own shelter-in-place measures that have lacked clear measures on ICT workers,” the release added, noting ITI has sent letters to the governments of India and Brazil.

CISA’s guidance also now includes “clergy for essential services,” where it didn’t before. 

Help us understand the situation better. Are you a federal employee or contractor with information about how your agency is handling the coronavirus? Email us at newstips@nextgov.com.