White House panel recommends public-private task force to protect domestic infrastructure

A White House advisory committee tasked with guiding federal policy for the nation’s telecommunications systems greenlit a series of recommendations Tuesday for a multi-faceted strategy to combat cyberattacks targeting domestic infrastructure.

The National Security Telecommunications Advisory Committee unanimously voted to approve a draft report that calls on the administration to establish a public-private task force that would develop a framework of best practices to mitigate the abuse of domestic infrastructure by foreign adversaries.

The report also urges the federal government to further protect its networks with the help of commercial products and emerging technologies, from launching a pilot program to test privacy enhancing technologies that can help accelerate data sharing initiatives, to creating an operational working group focused on enhancing tactical collaboration to further address ADI.

The NSTAC report envisions a strategy spearheaded by the Office of the National Cyber Director that leans on existing and new public-private collaborations to identify and mitigate a wide-range of evolving threats targeting U.S. telecommunications, transportation, energy and other key domestic infrastructures. 

The report says a "layered approach" is required to combat ADI and notes that "no singular action or approach will fully address the challenge on its own."

"While many facets to combat ADI are currently in place or under development, a strategic, coordinated approach is essential to help unify these efforts," the report says. 

Steve Schmidt, chief security officer of Amazon and one of the co-chairs of the NSTAC report, described several of the recommendations as "immediately actionable" following the vote on Tuesday.

The Cybersecurity and Infrastructure Security Agency's Joint Cyber Defense Collaborative and the National Security Agency's Cybersecurity Collaboration Center can immediately launch an operational working group to "focus on how we can more effectively operationalize combatting ADI in real-time and identify opportunities for joint responsive action," Schmidt said during the committee meeting.

NSTAC called on CISA to work with the private sector, the Department of Justice and other key federal entities on developing a set of recommendations to update the Cybersecurity Information Sharing Act of 2015, which expires in September 2025.

Recent reports have also called on the White House and Congress to enhance data sharing efforts, including a Center for Data Innovation study published Monday that said data silos are hindering innovation throughout the public and private sectors.