NSTAC to discuss current activities, ongoing cybersecurity initiatives at upcoming meeting

The Cybersecurity and Infrastructure Security Agency (CISA) published on Monday a notice in the Federal Register of the Federal Advisory Committee Act (FACA) meeting. The open session NSTAC (National Security Telecommunications Advisory Committee) meeting has been scheduled for May 24 and will be partially closed to the public.

The NSTAC will meet to discuss current NSTAC activities and the government’s ongoing cybersecurity and NS/EP communications initiatives. The open session will include a keynote address, deliberation, and vote on the NSTAC Report to the President on Enhancing U.S. Leadership in International Communications Technology Standards. Additionally, there will be a status update from the NSTAC Information Technology and Operational Technology (IT/OT) Convergence Subcommittee.

NS/EP telecommunications refers to national security or emergency preparedness telecommunications of the U.S. It covers the telecommunications services used to maintain a state of readiness or to respond to and manage any event or crisis (local, national, or international) that causes or could cause injury or harm to the population, damage to or loss of property, or degrade or threaten the national security or emergency preparedness posture of the U.S. 

The committee will also meet in a closed session. During that time, senior government intelligence officials will provide a threat briefing concerning NS/EP communications threats and engage NSTAC members in a follow-on discussion. The NSTAC members and senior government officials will also discuss potential NSTAC study topics.

In line with FACA provisions, it has been determined that a portion of the schedule requires closure, as the disclosure of the information that will be discussed would not be in the public interest.

These agenda items include classified threat briefing and discussion, which will allow NSTAC members to discuss information concerning threats to NS/EP communications with senior government intelligence officials, and potential NSTAC study topics discussion. The briefing is anticipated to be classified at the top-secret/sensitive compartmented information level. 

“Disclosure of these threats during the briefing, as well as vulnerabilities and mitigation techniques, is a risk to the nation’s cybersecurity posture, since adversaries could use this information to compromise commercial and government networks,” the Federal Register notice said. Therefore, subjects discussed during the potential study topics discussion are tentative and under further consideration by the committee.

The NSTAC IT/OT Convergence Subcommittee noted in February in a status update on the progress that the subcommittee that it will develop a report that examines the key challenges of securing OT systems against threats that emerge from IT network connections and identifies emerging approaches to the increased OT resiliency to these threats, including through adaptations of IT security approaches to accommodate OT design constraints. 

The development came in the light of recent attacks on critical infrastructure, highlighting the many challenges involved in securing OT and underscoring the difficulty in developing patches for and deploying industrial control systems (ICS) and other technologies used in OT. Furthermore, the ​​report stated that the subcommittee is extending invitations to individuals to brief the subcommittee and asked NSTAC members to provide recommendations for potential briefers or additional sub-committee members.

Anna Ribeiro

Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.