US government and industry expand AI and critical-infrastructure cyber information sharing efforts
US cybersecurity officials said work is underway to stand up new and expanded government–industry mechanisms for sharing threat intelligence, with a particular focus on AI security and operational technology (OT) risks to critical infrastructure. CISA executive assistant director Nick Andersen said an AI Information-Sharing and Analysis Center (AI-ISAC) ordered by the White House is still in an “ongoing policy dialogue” phase, with stakeholders trying to resource the effort and avoid duplicating existing private-sector information-sharing initiatives; he also said there is no launch timeline and described the effort as moving through a “pre-decisional” process. In parallel, Andersen said DHS/CISA is planning a replacement for the disbanded Critical Infrastructure Partnership Advisory Council (CIPAC), aiming to correct gaps in the prior structure—particularly the lack of an explicit cybersecurity charter—and to enable more targeted focus groups on issues such as undersea cables and OT systems.
Separately, the White House Office of the National Cyber Director said it is developing an AI security policy framework intended to embed security controls into AI “tech stacks” in coordination with the Office of Science and Technology Policy, citing risks such as data poisoning and the potential for agentic capabilities to accelerate intrusions. In the private sector, the Manufacturing ISAC (MFG-ISAC) reported increased collaboration to address rising threats to manufacturing, including OT-focused initiatives such as tabletop exercises, OT training, and development of incident response playbooks and OT threat guidelines, alongside preparation for updated CMMC requirements—reinforcing the broader push toward structured, sector-based information sharing and readiness for critical-infrastructure cyber threats.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
7 events from the most recent confirmed update back to the earliest known activity.
ONCD says release of a new National Cyber Strategy has been delayed
National Cyber Director Sean Cairncross said ONCD is also preparing a short National Cyber Strategy focused on offensive cyber operations, deregulation, and workforce development, but its release has been delayed. He said it would be released 'sooner rather than later' without giving a date.
CISA says it is designing a CIPAC replacement panel
CISA said it is working on a replacement for CIPAC to enable broader and more targeted discussions on cybersecurity and operational technology risks, including issues such as undersea cables. Officials said the new structure is intended to improve engagement and give more critical infrastructure stakeholders a substantive voice.
CISA says AI-ISAC development is underway with no launch timeline
CISA said stakeholders are engaged in ongoing policy discussions to stand up the AI-ISAC ordered by the White House, but officials said there is no current timeline for completion or launch. The effort was described as pre-decisional and aimed at avoiding duplication of existing private-sector information-sharing initiatives.
ONCD begins crafting a White House AI security policy framework
The White House Office of the National Cyber Director, working closely with the Office of Science and Technology Policy, began developing an AI security policy framework intended to build security into U.S.-led AI technology stacks. Officials said the effort is meant to make security foundational to AI innovation rather than a barrier.
DHS disbands the Critical Infrastructure Partnership Advisory Council
The Department of Homeland Security disbanded the Critical Infrastructure Partnership Advisory Council, prompting work on a replacement structure for critical infrastructure cybersecurity and OT discussions. The exact date was not specified in the references.
Anthropic says suspected Chinese hackers used its AI tool in intrusions
Anthropic said in November that suspected Chinese hackers used its AI tool to automate a large portion of a hacking operation targeting about 30 organizations worldwide. The disclosure highlighted the growing risk of agentic AI being used to scale cyber operations.
White House orders development of an AI information-sharing center
The White House directed the creation of an AI-focused Information Sharing and Analysis Center to monitor and share information on AI-related cyber threats, vulnerabilities, and incidents across government and industry. The order was described in February 2026 as having been issued the previous year.
Related entities
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
Sources
3 references tracked. Mallory keeps watching after this page renders.
What’s next for DHS’s forthcoming replacement critical infrastructure protection panel, AI information sharing | CyberScoop
cyberscoop.com
Open sourceAI info-sharing center is in development, CISA official says - Nextgov/FCW
nextgov.com
Open sourceWhite House cyber shop is crafting AI security policy framework, top official says - Nextgov/FCW
nextgov.com
Open sourceSee the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
US Government Pushes Cybersecurity and AI Resilience for Critical Infrastructure
The U.S. government is advancing multiple **critical infrastructure cybersecurity** initiatives focused on resilience, public-private coordination, and the secure adoption of **AI**. National Cyber Director Sean Cairncross said the administration wants AI to be **secure by design**, framing technical security as an enabler of innovation rather than a barrier. The approach includes closer collaboration with private industry, expanded threat-information sharing, federal support for offensive cyber operations, and new mechanisms for AI companies to coordinate on threat response while the administration revises earlier policies it views as constraining competitiveness. The Department of Energy is preparing to release its first cybersecurity strategic plan to strengthen defenses for the **power grid** and improve preparedness for cyber and physical incidents affecting the energy sector. That effort is expected to deepen coordination with private operators and evaluate AI investments that could help defend critical infrastructure against AI-enabled threats. A separate article on why attacks against critical national infrastructure are dangerous is **not about this same policy development**; it is a general explainer on infrastructure targeting and disruption rather than reporting on the U.S. government’s current AI and energy cybersecurity initiatives.
May 8, 2026
Trump Administration Cyber Strategy Emphasizes Secure AI Adoption and Industry Coordination
The White House Office of the National Cyber Director (ONCD) said a forthcoming U.S. national cyber strategy will prioritize **rapid but secure adoption of AI** for cyber defense, aiming to expand the use of AI-enabled tools to *detect, divert, and deceive* threat actors without unintentionally widening the attack surface. ONCD policy lead Alexandra Seymour also highlighted plans to advance U.S. **AI cybersecurity standards**, establish industry best practices for secure AI deployment, and pursue “counter-AI” efforts to protect frontier models and counter adversary use of AI. The strategy is also expected to include a pillar focused on strengthening the cybersecurity workforce by aligning curriculum, workforce standards, cyber literacy, and job placement across government, industry, and academia. Separately, ONCD indicated U.S. cyber responses will be more explicitly **linked to adversary actions** and will require closer coordination with **state/local governments and critical infrastructure owners/operators**, reflecting a more assertive posture driven in part by recent high-profile intrusions into U.S. critical infrastructure (including telecom). In parallel with these federal strategy signals, the U.S. Treasury Department announced it will publish a set of resources created by a public-private coalition to improve **cyber risk management for AI systems in the financial sector**, intended to support secure AI adoption as banks expand AI use for fraud detection, customer service, trading, and risk modeling—areas that can introduce new vulnerabilities due to sensitive data dependencies and third-party/vendor exposure.
Mar 21, 2026
AI Security Risks and Guidance for Critical Infrastructure and Enterprises
Recent developments highlight the growing security risks associated with the integration of artificial intelligence (AI) into enterprise and operational technology (OT) environments. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with several international partners, has released new guidance outlining key principles for the secure deployment of AI in OT systems, emphasizing the need for critical infrastructure operators to address unique risks such as process model drift and safety-process bypasses. This guidance is expected to influence regulatory approaches as organizations rapidly adopt AI technologies, often without sufficient security rigor. Concurrently, research from NVIDIA and Lakera AI has introduced a comprehensive framework for evaluating the safety and security of agentic AI systems, which autonomously plan and make decisions, revealing new classes of risks including prompt injection, memory poisoning, and tool misuse that can lead to harmful outcomes even when underlying models function as intended. Industry leaders and CISOs are increasingly recognizing the necessity of offensive security strategies and holistic approaches to address the evolving threat landscape, particularly as AI-driven attacks become more sophisticated. The energy sector, for example, faces heightened threats due to geopolitical tensions and the proliferation of AI-enabled attack tools, prompting calls for multilayered security concepts and proactive measures. As enterprises and critical infrastructure operators accelerate AI adoption, the convergence of new technical frameworks, regulatory guidance, and evolving security practices underscores the urgent need for robust, adaptive defenses against emerging AI-related threats.
Mar 21, 2026