InfraGard — an under-the-radar FBI-sponsored volunteer program — has been promoting this type of collaboration for the past 16 years. The program builds relationships and provides training for its more than 50,000 members. In addition to creating and enhancing communications between government and industry, it has developed relationships that proved to be critical during times of need.
InfraGard began in the FBI’s Cleveland Field Office in 1996 when local IT representatives helped the bureau with a cybersecurity case. The benefits of such a partnership were realized, and the program spread to other field offices and became a national program in 1998.
“A piece of classified information has little value unless you have the context that goes with it,” said Sheri Donahue, a member of the InfraGard National Board of Directors. “They realized the benefits of professional networking. It also helped the private sector understand and appreciate the security threats that impact multiple sectors.”
Today the 84 chapters are linked to the FBI’s field offices and each is assigned a special agent coordinator from the bureau. The program has expanded and continues to aid FBI investigations while showing how valuable these connections can be during an emergency.
When the Interstate-35 bridge in Minneapolis collapsed on Aug. 1, 2007, resulting in 13 deaths and more than 100 injured, additional support came in the form of the Navy dive team. However, the more than 30-person team needed secure access near the Mississippi River. A request was sent to the area’s InfraGard members that the team needed a location to work from, and within 10 minutes there were about seven responses from members about potentially suitable commercial sites.
“A simple request along those lines, but one that was needed with urgent coordination, really showed the value of being able to communicate and coordinate between the public and private sector right then and there,” said Elizabeth Stevens, who at the time worked for Ameriprise Financial and currently is the director of enterprise resiliency and response for the UnitedHealth Group.
That was the catalyst for the private sector creating an agreement with Minnesota to get a seat in the state’s EOC to truly be part of incident command and response. The partnership, known as P2CAT for Public-Private Coordination and Action Team, was formed in 2007 to provide structure for sharing information between the state’s critical infrastructure representatives and the Minnesota Homeland Security and Emergency Management division.
“We were trying to assert that our roles were the ICS/emergency management equivalent within the corporate realms, and once we were able to demonstrate with that bridge collapse event some level of value, I think that was the linchpin in getting that agreement finalized,” said Stevens who also is the president of the Minnesota InfraGard Chapter. (In 2007, Chris Terzich from Wells Fargo held the role of president.)
The InfraGard members’ roles in assisting with the response to the bridge collapse showed how useful the private sector could be during and after an emergency and helped open the communication line with the state.
In the early days of InfraGard, its main focus was IT and cybersecurity. Although the 9/11 terrorist attacks led it to take on the all-hazards approach and include all of the critical infrastructure sectors, cybersecurity remains integral to the program. Supervisory Special Agent Doug Dvorak, the program manager for InfraGard from FBI Headquarters, said that while cybersecurity takes third place on the list of the FBI’s priorities, it is part of all investigations.
“It is still going to be a huge part of the program — the fact is it cuts across into the energy sector and into transportation and everything relies on computers now,” Dvorak said. “So we do have a strong cyberidentity, but we are really working to expand across all walks of the critical infrastructure.”
And including all 18 critical infrastructure sectors in the program is an important step: It has been widely reported that 90 percent of U.S. critical infrastructure is privately owned. Having a forum to connect with representatives from those sectors not only benefits the FBI and other government entities, but it also improves the information flow to the private sector on threats to be aware of and is a way to share sensitive security information.
General guidance for the InfraGard program comes from the FBI, but each chapter has flexibility, with its focus mimicking the types of businesses and critical infrastructure in the area. For example, Maryland has many government facilities, so it may focus more on the insider threat issue than other chapters. And Delaware has more private-sector entities and a large banking industry, so it is more cyber-oriented, said FBI Special Agent Lauren Schuler, the InfraGard coordinator for the Maryland and Delaware chapters.
The chapters hold meeting and training sessions — in New York City, that happens monthly and in smaller chapters it can occur quarterly — around topics that benefit members. They can also establish special interest groups (SIG) for members to discuss a specific topic in a more in-depth, technical environment. Schuler said the Maryland chapter has its own SIGs on cyber- and insider threats. In addition, national SIGs, like the electromagnetic pulse group, unite InfraGard members across all chapters.
“While there is structure and we do give them guidance and help them with any initiatives they want — whether that is managing money or sponsorship opportunities — we also give them the freedom to create programs,” said Dvorak.
The program is free and primarily promoted by word of mouth. Although anyone can apply to be a member, the FBI recruits the owners, operators and security directors of critical infrastructure facilities and vets applicants before they’re accepted into the program. The vetting process includes verifying the application information and a general criminal history check, Schuler said.
“There is a level of credibility that people are … cleared to deal with law enforcement sensitive information and for-official-use information,” Dvorak said.
One benefit of membership is access to a secure communication network that includes a VPN encrypted website, webmail, email discussion groups and message boards, according to the FBI. Schuler said the FBI, DHS, Department of Justice, academic partners and members can post information on the website. The information ranges from unclassified up to law enforcement sensitive; InfraGard members are not granted a security clearance.
Members also sign a nondisclosure agreement, which helps to foster an environment where people can discuss issues without worrying about giving another company a competitive advantage. Dvorak said the chapters are good at policing themselves, but there have been instances in which members have been removed for violating the code of ethics and possibly shared information they shouldn’t have. “Usually those instances are very few and far between,” he said. “Pretty much everybody has the understanding that this is for the benefit of everybody and not to be used for someone to garner a specific advantage in one area.”
In Maryland, Schuler has a unique advantage when it comes to working with government agencies in the area and including them in the InfraGard meetings and trainings: She is co-located with the state fusion center, called the Maryland Coordination and Analysis Center. It was a natural union since the fusion center has a big role in critical infrastructure protection. The fusion center and InfraGard benefit from each other’s activities and populate a joint calendar, which has helped promote InfraGard’s monthly meetings and get additional partners to help with the planning.
John Reginaldi joined InfraGard about a year ago, but has been working in law enforcement and emergency management for decades. As a regional liaison officer for the Maryland Emergency Management Agency (MEMA), he is responsible for building relationships with emergency managers and the representatives of emergency support functions in the National Capital Region. He called the relationship between InfraGard and MEMA a win-win situation for everyone.
“With all the different trainings that we’re doing and the special interest groups, it’s probably one of the best proactive efforts that I’ve seen in the past 30 years of being involved in public safety,” Reginaldi said. The trainings are through InfraGard but MEMA has partnered with the program, and Reginaldi invites all of his contacts to the meetings. He also said the program is another resource with his role at MEMA — he can find speakers, policies and procedures to help with his training sessions and inquiries from his peers. When an emergency manager from a military department asked Reginaldi if he knew of policies that dealt with insider threats for social media, he reached out to a fellow InfraGard member.
He said Lockheed Martin gave him permission to share its policy with the military branch, thus sharing a possible best practice across government and industry.
As the program continues to grow its membership numbers, it’s also evolving. The FBI’s Dvorak said the bureau is examining the InfraGard members’ affiliation with critical infrastructure to see how they can be leveraged more effectively and how the FBI can provide more value to them.
The FBI is developing programs that will be geared more toward training, like the infrastructure liaison officer program, which will provide hands-on training, including tabletop exercises, to InfraGard members who have key roles in their corporations. “It takes it a step further. Hands-on participation, some knowledge retention and a certification, and really just gives them a good understanding of how the processes work when we have an incident, who the contacts are, develop all those relationships ahead of time and give them a leg up to know what to do, and also be a point of contact for their company,” Dvorak said.
The InfraGard website is also being revamped to make it more collaborative. Dvorak said the current website is static and the SIGs could benefit from a site that lends itself to information sharing.
But the heart of the program will not change, Dvorak said.
“The core of the program is still the information sharing and talking about what people need to help themselves protect against threats and vulnerabilities for critical incidents and then also for us to enhance our investigations.”
The Evolution
The national structure and leadership of InfraGard’s private-sector membership is much different than it was nearly decade ago. At the time, it was recognized that there was a lack of structured integration of the nongovernment members and business experts were brought in to determine a fix. The solution: In 2003, the InfraGard National Members Alliance (INMA) was created and comprises the private-sector component of the chapters.
Each of the program’s 84 chapters consists of the public-private partnership between an IMA, or InfraGard Member Alliance, and the FBI. Sheri Donahue, a member of INMA’s Board of Directors, said this lets the IMA accept donations and engage in partnerships that the public partner (the FBI) can’t.
“The formalization of InfraGard’s private-sector corporate structure allows the INMA and its member IMAs to engage federal, state and local stakeholders in new and productive programs that are outside the purview of the FBI,” says INMA’s website.
All IMAs must be incorporated and have 501(c)(3) designation by the IRS. INMA was granted a group exemption to allow IMAs to fall under its designation instead of applying to the IRS for the 501(c)(3) themselves. With that tax designation, Donahue said the IMAs can raise money, take donations and sponsorships, and enter into memorandums of understanding (MOU) and other agreements with organizations. “All the things that the FBI is prohibited from doing,” she said.
Multiple MOUs were established — including with the DHS, which provides ongoing opportunities to collaborate across sectors and to enhance awareness of the private sector — to create more relationships and increase information sharing.
An annual meeting is held to conduct INMA business, including educational forums, opportunity for volunteer leaders to exchange best practices and set the course for the new year.
