A new technical rule issued by the Department of Homeland Security and Cybersecurity and Infrastructure Security Agency will improve and modernize the Protected Critical Infrastructure Information Program.
The new technical rule would change how CISA addresses voluntary data gathering from private sector entities in its Protected Critical Infrastructure Information Program, according to a Dec. 21 CISA news release.
"The PCII Program is essential to CISA's ability to gather information about risks facing critical infrastructure," CISA Infrastructure Security Executive Assistant Director David Mussington said in the news release. "This technical rule modernizes and clarifies important aspects of the program, making it easier for our partners to share information with DHS."
The changes also feed into CISA's mission, the release reported.
"These revisions further demonstrate our commitment to ensuring that sensitive, proprietary information shared with CISA remains secure and protected," Mussington said in the release. "I would like to thank CISA's PCII Program Office and Office of the Chief Counsel for their hard work in making this technical rule a reality."
The PCII dates back to September 2006 when DHS published regulations in the wake of the 9/11 terror attacks to establish major security reforms, according to the release. The program has since become a cornerstone of CISA's public-private efforts to secure the nation's cybersecurity and critical infrastructure, working closely with DHS. PCII provides legal protections for information shared the private sector shares with the government for homeland security purposes.
These non-substantive, technical edits will amend the program "to help critical infrastructure owner/operators, state and local governments and other important stakeholders more effectively use the PCII Program," the news release said.
Amendments including error corrections, address changes and title updates "that improve the clarity" of the program's regulations, the release reported.
"This rule does not create or change any substantive requirements," the news release said.
