CISA Replaces Disbanded Infrastructure Advisory Body With Closed-Door ANCHOR-CI Framework
The new Alliance of National Councils for Homeland Operational Resilience exempts itself from federal transparency law, raising questions about accountability even as it claims to broaden public-private threat sharing.
CISA stood up a new advisory-body framework for critical infrastructure security on July 1, filling a gap left by the Trump administration's early-term purge of public-private councils. The agency calls it ANCHOR-CI, short for the Alliance of National Councils for Homeland Operational Resilience, Critical Infrastructure.
The timing matters. <cite index="27-2">The Department of Homeland Security is launching new advisory councils to coordinate between critical infrastructure operators and government agencies after disbanding a slew of public-private bodies during the first months of the Trump administration.</cite> CISA's press release framed the move as an upgrade, not a repair job, but the lineage is direct.
<cite index="21-2">ANCHOR-CI incorporates the best practices and lessons learned from the Critical Infrastructure Partnership Advisory Council and will expand meaningful engagement to a wider range of public-private critical infrastructure stakeholders to address threats in real time.</cite> The framework will support four council types: <cite index="25-6">critical infrastructure sector councils, cross-sector councils, industry councils, and regional coordinating councils.</cite>
The regional tier is worth flagging separately. <cite index="27-14">Regional coordinating councils tie directly to President Donald Trump's March executive order, which calls for a shift of major security and resilience initiatives to be owned and managed at the state and local levels.</cite> That's a structural choice, not a neutral one. Pushing resilience ownership downward without matching resources has historically produced gaps rather than coverage.
The most substantive detail in the Federal Register notice isn't about the council's reach, it's about what it won't do in public. <cite index="27-5,27-6">ANCHOR-CI will be exempt from the Federal Advisory Committee Act, a federal transparency law governing most federal advisory panels that typically requires open-meeting, public-access, and balanced membership rules. DHS cited the sensitive nature of the risk assessments its members will handle in exempting the new body from the legislation.</cite>
<cite index="28-17">All eligible meetings held under ANCHOR-CI are closed to the public due to the sensitive nature of the discussions and activities conducted during these meetings.</cite> CISA says it will post agendas, which is something, but agendas aren't minutes.
The FACA exemption has a real operational argument behind it. Owners and operators of energy, water, and transportation systems aren't going to share live vulnerability data in open hearings. That's a reasonable premise. What's less clear is whether the framework builds in any counterweight. <cite index="27-17,27-18">The notice does not appear to include liability or antitrust protections that have historically shaped how companies disclose sensitive information in government-industry forums. CISA did not immediately respond to a request for comment about what protections the body will be provided to encourage enhanced public-private information sharing.</cite> GovInfoSecurity flagged that gap in its July 1 reporting, and it hasn't been answered publicly.
<cite index="27-8">The CISA director must approve the membership of every council and may appoint additional entities, participants, or subject matter experts as needed.</cite> That's a significant concentration of gatekeeping in a single acting director, and CISA has been running without a Senate-confirmed director for over a year.
The threat environment the framework is meant to address isn't theoretical. The agency's own April advisory, issued jointly with the FBI, NSA, and others, documented that <cite index="15-5,15-6">an Iranian-affiliated APT group is targeting internet-exposed programmable logic controllers with the intent to cause disruptions to U.S. critical infrastructure organizations, and that targeting campaigns have recently escalated, likely in response to hostilities between Iran and the United States and Israel.</cite> That's the context ANCHOR-CI is supposed to help address, cross-sector, real-time coordination when threat activity spills across energy, water, and government systems simultaneously.
<cite index="21-9">ANCHOR-CI will initially operate for two years and may be extended by the Secretary pursuant to Section 871 of the Homeland Security Act.</cite> A two-year runway is short for standing up councils, vetting members, building trust, and producing actionable guidance. Whether that clock reflects urgency or institutional caution is an open question the agency hasn't answered.
Sources cited:
- CISA official announcement, cisa.gov (https://www.cisa.gov/news-events/news/cisa-announces-new-advisory-council-strengthen-partnerships-and-secure-critical-infrastructure)
- CISA ANCHOR-CI charter page, cisa.gov (https://www.cisa.gov/anchor-ci)
- GovInfoSecurity, 'DHS Launches ANCHOR-CI Critical Infrastructure Councils' (https://www.govinfosecurity.com/dhs-launches-anchor-ci-critical-infrastructure-councils-a-32132)
- Government Technology, 'CISA Launches a Critical Infrastructure Security Partnership' (https://www.govtech.com/security/cisa-launches-a-critical-infrastructure-security-partnership)
- CISA Joint Advisory AA26-097A, Iranian-Affiliated Cyber Actors Exploit PLCs (https://www.cisa.gov/news-events/cybersecurity-advisories/aa26-097a)
This release was originally distributed via ETL Newswire. Visit CISA official announcement, cisa.gov for the full story, related releases, and contact information.
Visit CISA official announcement, cisa.gov →