63.5 F
Washington D.C.
Wednesday, February 8, 2023

PERSPECTIVE: RE-ISAC Working to Secure the Facilities That House America’s Economy

The buildings that house America’s economy and a large segment of its population – places where we work, live, eat, play, stay and shop – are all considered commercial facilities.

Terrorism continues to pose a clear and present danger to our nation, to the American economy and to the commercial facilities sector. Since the terrorist attacks of Sept. 11, risk mitigation, building security and emergency response planning have figured prominently in the prudent management of commercial and multifamily real estate properties. After all, facilities such as hotels, shopping malls and office buildings provide a setting where large numbers of people congregate, they provide space for America’s economy to operate, and they represent assets worth billions of dollars, owned by investors large and small.

The Real Estate Information Sharing and Analysis Center (RE-ISAC) — www.reisac.org — is a public-private partnership between the U.S. commercial facilities sector and federal homeland security officials organized by The Real Estate Roundtable in February 2003. The RE-ISAC proactively manages risk and strengthens the security and resilience of the U.S. commercial facilities/real estate critical infrastructure.

PERSPECTIVE: RE-ISAC Working to Secure the Facilities That House America’s Economy Homeland Security TodayThe RE-ISAC is the designated conduit of terrorism, cyber and natural hazard warning and response information between the government and the commercial facilities sector, which has a dominant influence on the nation’s economy. 

Strengthening the security and resilience of the commercial facilities sector remains a top RE-ISAC priority, and is an important aspect of managing any facility where people live, work, shop, and play.

The Department of Homeland Security (DHS) defines the commercial facilities sector as “a diverse range of sites that draw large crowds of people for shopping, business, entertainment, or lodging. Facilities within the sector operate on the principle of open public access, meaning that the general public can move freely without the deterrent of highly visible security barriers. The majority of these facilities are privately owned and operated, with minimal interaction with the federal government and other regulatory entities.”

It is the policy of the United States to strengthen the security and resilience of its critical infrastructure against both physical and cyber threats. The Federal Government shall work with critical infrastructure owners and operators and (State, Local, Tribal and Territorial) entities to take proactive steps to manage risk and strengthen the security and resilience of the Nation’s critical infrastructure, considering all hazards that could have a debilitating impact on national security, economic stability, public health and safety, or any combination thereof.” – Presidential Policy Directive 21, “Critical Infrastructure Security and Resilience” (Feb. 12, 2013)

The framework for public-private response via Information Sharing and Analysis Centers (ISACs)[1] was established in 1998 by Presidential Decision Directive 63, Protecting America’s Critical Infrastructure, creating a series of ISACs. Each critical infrastructure sector was tasked with establishing an ISAC to serve as the mechanism for gathering, analyzing, appropriately sanitizing and disseminating private sector information to both industry and federal government officials.

The RE-ISAC operates in full compliance with Presidential Policy Directive 21, “Critical Infrastructure Security and Resilience” (Feb. 12, 2013), which mandates that the public and private sectors share information about physical and cybersecurity threats and vulnerabilities to help protect U.S. critical infrastructure. The RE-ISAC includes the entire commercial facilities sector critical infrastructure (CI) component of the U.S. economy.

In response to these ongoing threats, the RE-ISAC has brought together industry organizations to work together with federal, state and local law enforcement and intelligence agencies to prevent, detect and respond to terrorist threats and malicious incidents.

These risk mitigation endeavors tie into a broader risk management strategy to help the commercial facility sector more effectively address these perils. With the nation’s Terrorism Risk Insurance Program set to sunset at the end of 2020, the industry is beginning to lay the foundation for its reauthorization. There is no homeland security without economic security, and the Terrorism Risk Insurance Program has helped protect the American economy since its enactment in 2002 at virtually no cost to the taxpayer.

In the years since 9/11, the array of threats facing our nation and the commercial facilities sector have not diminished. Instead they continue to expand and evolve. Many of the catastrophic physical incidents that have impacted the sector, our nation and the American psyche have brought new challenges to our lives, our economy and our way of life. Boston, Chattanooga, San Bernardino, Orlando, Charlottesville, New York, Las Vegas, and Pittsburgh are all reminders that we must be ever-vigilant.

But the threats aren’t limited to man-made violent attacks. Each day, we contend with challenges from a changing climate in the form of severe hurricanes and storms, other natural perils such as earthquakes, and health threats.

Yet, the ever-shifting presence of cyber threats is a growing threat to our sector as facilities of all types rapidly increase their networked presence. Through enhanced building automations, security systems, industrial controls, smart devices, phishing scams and various other endpoints in the connected world, the RE-ISAC is proactively engaged in addressing cyber threats. As we look at recent incidents – from blended threats like Triton/Trisis malware[2] or complex threats where physical and cyber incidents[3] have supported one another – we get a sense for some of the ways that these threats can pose catastrophic challenges across the sector.

The RE-ISAC works closely with our federal partners, to include the FBI and DHS’ National Cybersecurity and Communications Integration Center (NCCIC), to coordinate cybersecurity analysis and collaborative activities. Through these relationships and its information-sharing network, the RE-ISAC engages in operational efforts to coordinate activities supporting the detection, prevention, and mitigation of a full range of physical, data, and cyber threats to the nation’s critical infrastructure.

As those varied challenges threaten the commercial facilities sector, the RE-ISAC will continue to support the critical infrastructure protection mission of the sector by providing information and analysis on a full range of potential cyber and physical threats, aiding our members in developing risk management and mitigation strategies. Such a strategy is critical to effectively responding to potential incidents affecting their assets and the people in them and to be able to restore normal operations as soon as possible following disruptions. The RE-ISAC works closely with members and across the critical infrastructure and public-private communities. As a member of the National Council of ISACs, RE-ISAC personnel have helped to coordinate preparedness activities by enhancing cross-sector coordination, communications and collaboration among ISACs, government partners and private sector colleagues. By supporting mutual threat awareness and analysis via daily information exchanges, the RE-ISAC has helped improve the collective security and preparedness of our nation’s critical infrastructure.

In short, the RE-ISAC continues to serve every day to enhance the security and resilience of the commercial facilities sector, and our critical infrastructure and neighborhood security partners, to help support our collective homeland security. As the president stated in this year’s Presidential Proclamation on Critical Infrastructure Security and Resilience Month: “The world today relies on critical infrastructure… that is increasingly complex, interconnected, and interdependent. During Critical Infrastructure Security and Resilience Month, we emphasize the vital role of strong national infrastructure in the national and economic security of our Nation. By mitigating risks to our critical infrastructure, we can keep America safe, healthy, and prosperous.”

As we recognize National Critical Infrastructure Security and Resilience Month, the RE-ISAC thanks the women and men throughout the commercial facilities sector who work tirelessly each day – at their facilities, with their partners, and with the RE-ISAC – to help foster a safe and secure environment so all of us can continue to enjoy our local communities,  America’s beautiful cities and all the many places we live, shop, work and play – secured by the professionals of the commercial facilities sector.

To learn more about participating in the RE-ISAC, please go to www.reisac.com.


Andy Jabbour leads Gate 15, which provides analytical and preparedness support to the RE-ISAC.

The views expressed here are the writer’s and are not necessarily endorsed by Homeland Security Today, which welcomes a broad range of viewpoints in support of securing our homeland. To submit a piece for consideration, email HSTodayMag@gtscoalition.com. Our editorial guidelines can be found here.

[1] PDD-63 would later be updated by Homeland Security Presidential Directive 7, “Critical Infrastructure Identification, Prioritization, and Protection”, signed 17 December 2003, and Presidential Policy Directive 21, “Critical Infrastructure Security and Resilience,” dated 12 February 2013.
[2] A computer virus engineered to sabotage industrial control systems [ICS].
[3] Such as demonstrated in a story coming from Germany, where physical protests were held as a cyberattack – in that case a DDoS – was also conducted.
Clifton Rodgers
Clifton E. (Chip) Rodgers, Jr. has successfully represented commercial real estate’s stake in the national policy arena on a broad range of legislative and regulatory issues for over two decades, serving as the principal strategist and advocate on a broad range of federal legislative and regulatory issues – financial services, homeland security, risk management, energy, environment, tax and trade¬ – representing the leadership of the nation’s top private and publicly-held real estate ownership, investment, lending and management firms, as well as the elected leaders of the 17 national real estate industry trade associations. Rodgers coordinates the Roundtable’s Real Estate Capital Policy Advisory Committee and works extensively on various legislative and regulatory measures affecting credit capacity and capital formation. Since 9/11, he has worked extensively on terrorism risk management and mitigation issues, playing a leading role in the enactment of the Terrorism Risk Insurance Act (TRIA) and its subsequent extensions. Rodgers coordinates the organization’s Homeland Security Task Force and serves as Executive Director of the Real Estate Information Sharing and Analysis Center (RE-ISAC) – the commercial facilities sector’s primary information sharing conduit to counter threats and protect facilities from terrorism, cyber and natural hazards. Rodgers served as a Senior Fellow of George Washington University’s Center for Cyber & Homeland Security (CCHS) and the Preparedness and Infrastructure Resilience Task Force from 2015 through 2017. From 2004 to 2016, Rodgers served on the Board of Directors, the Compliance and Personnel and Compensation Committees and chaired the Audit Committee of The Bank of Georgetown – a $1.3 billion bank based in Washington DC. Rodgers was appointed by President George W. Bush to serve as an Industry Trade Advisor to the Office of the U.S. Trade Representative to help formulate U.S. trade policy and aid the Administration in advancing its trade agenda to improve economic opportunities for American businesses. Rodgers also served as an adjunct professor at Georgetown University’s McDonough School of Business, the Editorial Board of BNA’s Real Estate Law & Industry Report, the RAND Corporation’s Center for Terrorism Risk Management Policy Board, as well as a number of other civic and educational boards. Rodgers was also appointed by President George H. W. Bush to direct the U.S. Treasury Department’s office of business liaison, where he focused on a broad range of tax, trade and credit issues affecting America’s business and financial services sectors.

Related Articles

- Advertisement -

Latest Articles