ANCHOR-CI: The Partnership Framework Returns, the Liability Shield Does Not
By Patrick Miller
DHS just reopened the closed-door forum where critical infrastructure operators and federal agencies compare notes on cyber threats in private. The legal protection that once made those conversations safe did not come back with it. ANCHOR-CI restores the room and leaves the shield behind, and here is what that changes for anyone who plans to speak in it.
Overview
On July 1, 2026, the Department of Homeland Security published a notice establishing the Alliance of National Councils for Homeland Operational Resilience – Critical Infrastructure, or ANCHOR-CI. Much of the trade coverage has framed it as coordination restored, and that reading is fair: the closed-door forums that connected owners and operators to their government counterparts for nearly two decades now have a successor. It is also incomplete. The framework has been rebuilt, but a load-bearing support is not yet in place, and it returns at a moment when the ground beneath it is unsettled.
For every critical infrastructure sector, this is a governance change, not a regulatory one. ANCHOR-CI creates no obligation, audits nothing, and enforces nothing. Whatever mandatory regime already governs a sector, from the enforceable reliability standards that bind the bulk power system to the security directives that bind pipelines, sits exactly where it was on June 30. Where no such regime exists, as in the chemical sector since the CFATS authority lapsed, ANCHOR-CI creates none either. What changes is the scaffolding around the voluntary work the mandatory work depends on: the threat sharing, the joint planning, the candid naming of a vulnerability no single operator wants to raise first. That scaffolding was already under strain, and this notice reshapes it while its legal and financial underpinnings erode on more than one front.
What ANCHOR-CI Is: An Advisory Umbrella, Not a Regulatory Instrument
ANCHOR-CI is established under Section 871(a) of the Homeland Security Act, codified at 6 U.S.C. 451(a), the authority that lets the Secretary exempt an advisory body from the Federal Advisory Committee Act. That exemption is what keeps meetings closed to the public, and it is the same mechanism CIPAC used from 2006 forward, which brings continuity to the confidentiality of deliberations. The duties are solely advisory: ANCHOR-CI submits advice, recommendations, and reports to the Department through the CISA Director, and it obligates no participant to do anything.
The body may consist of four council types. Sector councils carry forward the Sector Coordinating Council and Government Coordinating Council structure grounded in the sector architecture that Section 9002 of the FY2021 NDAA codified at 6 U.S.C. 652a. Cross-sector councils address the interdependencies that link power, water, and communications. Industry councils serve industries that span sectors without fitting cleanly in one, drawing on the critical-infrastructure definition at 42 U.S.C. 5195c(e). Regional councils are the new addition, discussed below.
The participant terms reward a close read before anyone nominates a representative. Non-federal individuals serve as representatives of their sectors or organizations, not as special government employees under 18 U.S.C. 202(a), which keeps them clear of the federal conflict-of-interest regime; they serve without compensation and may sign gratuitous-services and non-disclosure agreements. Subject matter experts sit in a narrower box, brought in ad hoc, bound by the same agreements, and barred from the deliberations and recommendations themselves, which makes them advisors to the room rather than voices in it.
Memberships run in two-year terms tied to the charter, council leadership is capped at two consecutive terms, and the whole structure is authorized for two years and renewable indefinitely under 6 U.S.C. 451(b). It persists at the Secretary's discretion and dissolves entirely if the charter lapses.
What It Replaces, and Why the Manner of Replacement Matters
CIPAC was terminated in March 2025 under Executive Order 14217, which swept away a set of discretionary advisory committees at once, and the vacuum that followed was real: several sectors stopped discussing sensitive issues with the government because the forum that made those discussions both private and protected no longer existed. The restoration corrects the vacuum. It does not restore the model.
The most consequential line in the notice requires the CISA Director to approve membership for all councils, including entities, individual participants, and subject matter experts, all of whom “serve in ANCHOR-CI at the pleasure of the CISA Director.” Under CIPAC the sector coordinating councils were self-organized and self-governed, and the private sector chose its own representatives. ANCHOR-CI centralizes that authority. The Sector Risk Management Agencies still review and recommend, so this is not a total federal takeover of the roster, but final approval and removal now rest with one official. That substitutes appointment for self-determination and makes participation contingent on standing rather than on sector consensus.
Nowhere is that inversion more consequential than in the electric sector, whose most well-known coordination apparatus is unusually mature and executive-led. The Electricity Subsector Coordinating Council is CEO-led and self-organized, built primarily on the industry's three asset-owner trade associations, APPA, EEI, and NRECA, with support from NERC, rather than established by federal charter. It has long served as the sector's principal liaison to government while operating alongside the E-ISAC, which NERC runs, and the Cyber Mutual Assistance program, channels the industry built and staffs itself rather than ones government convenes. That self-organizing tradition is what now meets a framework in which a federal official approves council membership, and how the sector's own bodies relate to that approval logic is not yet settled. It is not a reason to stay out. It is a reason to decide the terms of engagement deliberately.
The Gap: An Exemption from Transparency Is Not a Shield from Liability
Here is the distinction most likely to be lost in the coverage and most likely to drive legal review. The FACA exemption protects the confidentiality of deliberations. It does not protect the participants. Two operators discussing a shared supply chain exposure in a closed council are shielded from the public seeing the transcript, but not, by that exemption alone, from antitrust scrutiny for having coordinated or from civil liability for what one disclosed to the other. Industry counsel treated CIPAC meetings as carrying that protection. The notice is silent on it, and closed doors without a liability shield make for a room people enter more carefully.
The timing sharpens the point past coincidence. The substantive protection industry relies on for cyber threat sharing does not come from CIPAC; it comes from the Cybersecurity Information Sharing Act of 2015, which supplies the antitrust protection, the FOIA exemption, the limits on regulatory use, and the liability limits that make an operator willing to hand a threat indicator to a peer or the government. That statute lapsed on September 30, 2025, was restored through a short extension, and now runs only through September 30, 2026. And even at full strength it is only a partial fit, since its protections are cleanest for one-to-one sharing between a company and the government rather than for the multilateral council setting that CIPAC's closed meetings were understood to cover and that the notice leaves unaddressed. ANCHOR-CI stands up in July 2026, roughly ten weeks before the foundation beneath candid sharing expires unless Congress acts, and the long-term reauthorization vehicle has not moved.
Restoring the room while the protection expires is not a solution to the information-sharing problem. It is a well-built room with the lights on a timer.
The CIRCIA Counterpoint: The Reporting Mandate Carries the Shield the Advisory Forum Misses
The other federal instrument moving in parallel is CIRCIA, the Cyber Incident Reporting for Critical Infrastructure Act of 2022, whose implementing rule is still unwritten. CISA published the proposed rule in April 2024, missed the October 2025 statutory deadline, and let its own May 2026 target pass. After a lapse in DHS funding pushed the spring stakeholder sessions off the calendar, CISA rescheduled them to June 15 through 18, 2026, in a notice that cast the round as a further chance to narrow the proposal's scope and burden. No final rule has been published, and a proposal still being pared for scope this late is one whose timing and final shape are both open. So the mandate is coming but not yet binding: covered entities across the sixteen critical infrastructure sectors will owe CISA a report within seventy-two hours of a covered incident and within twenty-four hours of a ransom payment, though only once the rule is final and its effective date arrives.
What a careful operator notices underneath all that motion is the liability asymmetry between the two channels. CIRCIA arrives with a statutory shield for what an operator reports, codified at 6 U.S.C. 681e: no cause of action may be brought solely on the fact or content of a CIRCIA report, the reports and the materials prepared to file them are barred from evidence and discovery, they are exempt from FOIA, they waive no privilege, and information drawn solely from them cannot be used to regulate the reporting entity. That protection is written into the 2022 statute, which means it depends neither on the 2015 Act's voluntary-sharing provisions it was modeled on, now expiring on September 30, 2026, nor on when CISA finally issues the rule. ANCHOR-CI offers none of it. Its FACA exemption closes the meeting, but as the earlier section laid out, a closed meeting is not a liability shield, and the backstop for candid council sharing is the very protection set to lapse. The same operator therefore stands on firmer legal ground reporting an incident to CISA than discussing that incident in the ANCHOR-CI council convened to make sense of it.
That asymmetry matters most where the two instruments are supposed to connect. The hoped-for payoff is a loop: CISA and the Sector Risk Management Agencies feed aggregated incident patterns into the councils, and operators turn that visibility into shared defense. But the shield does not travel with the data. CIRCIA's protections attach to the report, not to the council room, and the charter does not mention CIRCIA at all. So the moment a council conversation shifts from reviewing an aggregated trend to comparing one operator's exposure against another's, it re-enters the unprotected space the liability section already flagged. Right now the gap is wider still, because the advisory umbrella already exists while the reporting mandate that carries the shield does not. The pairing is complementary by design and thin on legal protection, and the operators who get the most from it treat the reporting obligation and the council conversation as two separate risk surfaces.
The Regional Pivot: State, Local, and the Rural Mandate
Regional Coordinating Councils are the structural expression of Executive Order 14239, the March 2025 order that reoriented federal preparedness policy around state, local, and individual ownership and directed agencies to shift from an all-hazards posture toward a risk-informed one. The notice ties regional councils to that order and requires them to ensure access and representation for entities in rural areas, defined at 49 U.S.C. 5302(17). For federally regulated infrastructure, jurisdiction and enforcement remain federal, and a regional council does not touch that. For the entities closest to the community level, the municipal utilities, the rural cooperatives, the smaller water and transportation systems, the emphasis is more real, pointing toward deeper engagement with state regulators and emergency management as the presumed first line. The explicit naming of rural entities is a genuine signal for segments that have historically had thinner access to threat intelligence and fewer resources to act on it. Whether a regional council delivers that access or merely relocates the coordination burden onto governments less equipped to carry it is the open question.
The Federation Tradeoff: What Devolution Costs, and Who Carries It
That question opens onto a larger one about devolution itself, and it deserves to be weighed on its structure rather than its politics. Local ownership has real logic: operators know their own systems, national templates fit diverse infrastructure poorly, and states can move faster than a federal process. The concern is not whether local ownership has merit but whether it produces resilience without a common floor beneath it, and several structural features suggest the answer is uneven.
The first is that an interconnected system is only as secure as its weakest node, and the grid, along with the water and pipeline networks that cross state lines, is organized by interconnection rather than by boundary. A well-resourced state can build genuine capability; a neighbor with one overworked generalist cannot, and an adversary inside the second reaches the first regardless. Devolution converts a single baseline into dozens of variances, and the variance is the exposure.
The second is economic: collective protection is a public good, and public goods are underfunded when responsibility for paying is fragmented, because each jurisdiction invests to its own private return while much of the benefit flows to its neighbors. Localizing responsibility does not localize consequence.
The third is that the same economics turn regressive under voluntary or fee-based models, where protection tracks ability to pay rather than where risk concentrates. When federal funding for the state and local sharing hub ended in September 2025 and it moved to paid membership, the entities most likely to fall away were the smallest and most rural, the ones least able to rebuild the capability alone. The electric sector offers a contrast in funding architecture rather than politics: the E-ISAC is funded through NERC as part of the ERO rather than by annual appropriation, which insulates it from the volatility that reshaped the state and local hub, a reminder that how a sharing body is funded often decides whether it survives a lean year.
The fourth concern is the loss of pattern. A central hub lets a technique striking a dozen jurisdictions reveal a campaign none could see alone, and fewer members means fewer reports and a thinner product for all who remain. Against a coordinated adversary operating at national scale, a defense broken into local pieces gives the aggregation advantage to the attacker.
The fifth concern is accountability, which diffuses as ownership spreads. When resilience belongs to everyone, no one clearly owns the seams between jurisdictions, and an incident that crosses state lines finds authority ending exactly where the intrusion continues, with no single actor positioned to coordinate the response. Shared ownership is not the same as clear ownership, and adversaries operate in the gap between the two.
The sixth concern is institutional memory, which is quick to dismantle and slow to rebuild. The relationships, the trusted channels, and the tooling that a national sharing function accumulates take years to assemble and hold; capacity of that kind can be dissolved in a single budget cycle and reconstituted only over a much longer one, if at all, and the interval between the two is an interval of exposure.
The seventh concern falls on the operator rather than the system, and it grows with reach. An entity spanning many states faces many regional relationships in place of one: several councils to staff, several cadences to track, several sets of priorities to reconcile, all drawing on the same finite pool of security personnel, so the same briefing is consumed several times and every hour in a coordination meeting is an hour not spent defending the network. For an entity spanning multiple infrastructure types the burden compounds along a second axis, because a company running electric, water, and gas sits in several sector conversations, each with its own Sector Risk Management Agency, its own approval process, and its own mandatory baseline underneath. Layer the regional dimension on the sectoral one and the operator faces a matrix of forums, sectors multiplied by regions, none relieving the others. The organizations most exposed to this multiplication are often the large multi-state, multi-sector operators whose footprint is the reason their participation is wanted, and a structure that consumes their limited capacity with coordination overhead risks buying breadth of engagement at the price of depth of defense. Whether that tradeoff is worth making depends entirely on whether a common floor sits beneath the devolved responsibility.
For EU Owners/Operators with US Footprints: How ANCHOR-CI Differs from the Structures You Know
If your organization already lives under NIS2 and the electricity Network Code on Cybersecurity at home and also runs assets in the United States, the most useful thing to understand about ANCHOR-CI is what it is not. In Europe, coordination and obligation arrive together in binding law: NIS2 imposes mandatory risk-management and reporting across eighteen sectors, the Critical Entities Resilience Directive carries the physical and all-hazards side with its scope aligned to NIS2, and the Network Code sets sector-specific rules for the grid. ANCHOR-CI carries none of that weight. It is a voluntary advisory body that creates no obligation and sits entirely apart from whatever US mandatory regime applies to you, which for grid assets is NERC CIP rather than anything in this notice. It will mislead you if you read it as a compliance instrument in the way you would read NIS2. Instead, read it as a partnership channel.
The differences that matter to you are three, and each inverts an assumption the European system trains. The first is where the candid conversation happens. At home your strategic cooperation runs through government-to-government structures, the NIS Cooperation Group, the CSIRTs Network, and EU-CyCLONe, while the sector conversation lives in an ISAC you help populate, the EE-ISAC for energy. In the US the closed-door public-private forum is ANCHOR-CI itself, but its roster is federally approved and managed, since the CISA Director approves membership, a different logic from the Member-State designation you are used to.
The second is the confidentiality of what you share. Europe handles that by regulation, with ACER guidelines prescribing how information exchanged under the Network Code is anonymised and aggregated. ANCHOR-CI relies instead on a transparency exemption that closes the meeting but does not shield the participant, and the statutory backstop for US sharing expires on September 30, 2026, so the regulatory-grade protection you take for granted at home has no clean US equivalent.
The third is resilience as a word against resilience as law. You already live operational resilience as codified obligation, in CER and in DORA for finance; in the US the same vocabulary is identity rather than a binding regime, so do not assume equivalent duties attach because the name is familiar.
Some directional pointers:
Treat ANCHOR-CI as a relationship and intelligence channel, not a compliance line item, and keep it separate on your US risk register from the mandatory obligations that actually bind your American assets.
Route the operational value through the US sector ISAC, the E-ISAC for grid operators, since that is where the threat sharing you rely on in the EE-ISAC has its US counterpart.
Before your people speak candidly in any US council, put the liability and antitrust posture in front of US counsel rather than assuming the regulatory cover you have under the Network Code travels with you.
And watch the CISA 2015 sunset the way you would watch a directive under review, because it sets the legal footing for the very sharing ANCHOR-CI is meant to host.
| Dimension | United States: ANCHOR-CI | European Union |
|---|---|---|
| Legal basis | Advisory body under Section 871 of the Homeland Security Act, exempt from the Federal Advisory Committee Act. No binding force. | Binding directives (NIS2 and CER) and the electricity Network Code on Cybersecurity. |
| Nature of obligation | Solely advisory. Creates no requirement, audits nothing, and enforces nothing. | Mandatory risk management and incident reporting, backed by supervision and penalties. |
| Coordination forum | Closed, FACA-exempt councils across four types: sector, cross-sector, industry, and regional. | Government-to-government structures (NIS Cooperation Group, CSIRTs Network, EU-CyCLONe), with industry engagement through sector ISACs. |
| Membership control | The CISA Director approves membership for all councils; Sector Risk Management Agencies review and recommend. | Member States designate their own competent authorities and identify covered entities. |
| Confidentiality and liability of shared information | FACA exemption closes meetings, but participant liability protection is unaddressed in the notice; the CISA 2015 statutory backstop expires September 30, 2026. | Addressed by regulation. ACER guidelines protect information shared under the Network Code, including methods to anonymise and aggregate. |
| Resilience framing | "Operational resilience" appears in the name; the body itself is advisory only. | Codified in law: the CER Directive for critical entities, and DORA for the financial sector. |
| Federation model | Regional councils push ownership to state and local levels (EO 14239), advisory only and without a funded common floor. | Subsidiarity by design: decentralized execution resting on a common, mandatory baseline. |
| Electric-sector bodies | The ESCC (industry, CEO-led, self-organized) and the E-ISAC (run by NERC). | The EE-ISAC, with ENTSO-E and the EU DSO Entity under the Network Code's European Stakeholder Committee. |
What ANCHOR-CI Does and Does Not Change
The temptation is to treat structural change in Washington as an operational emergency in the field, and it is not. ANCHOR-CI changes the partnership environment and leaves the compliance environment untouched; whatever enforceable regime governs a sector is identical to last week, and nothing in an advisory body that issues recommendations creates a requirement anyone can be found in violation of. The posture is attention, not alarm.
For owners and operators, there is nothing to sign up for yet, since the notice is explicitly not a solicitation for membership. The thing to watch is how the sector councils reconstitute under the new approval regime, and whether the sharing channels an organization already relies on are affected.
For compliance and legal leaders, the message upward is narrow: no new obligation and no new audit risk, and any framing of this as a compliance event should be corrected before it spreads, with the one live legal question being the liability posture of what is said inside these councils, which belongs in front of counsel now rather than in September.
For procurement and supply chain teams, the liability gap is concrete, because if group conversations about vendor and component risk lose their protective assumptions, the venue for candidly comparing exposures narrows exactly as those conversations grow more urgent.
For executives and government-affairs leaders, participation now runs through federal approval rather than sector self-selection, and positioning inside a structure an organization no longer fully controls is a choice worth making deliberately.
For the electric sector specifically, the E-ISAC and ESCC carry the operational value and sit somewhat apart from this restructuring because the ESCC was never federally chartered; the question to track is whether those industry-run channels keep operating above the framework or get drawn into its approval logic.
What It Means for the ISACs and ISAOs: An Umbrella Over the Operational Layer
ANCHOR-CI sits above the sharing bodies operators already belong to; it does not replace them. The ISACs are the operational, sector-based centers that move threat information and run incident coordination, tied together by the National Council of ISACs. The ISAOs are the broader 2015 category for groups outside the sixteen sectors, with an ISAC being a sector-based type of ISAO. ANCHOR-CI convenes to advise and recommend, not to move indicators. It is the roof, not the plumbing.
Two shifts still reach them. Their council seats are now approved by the CISA Director rather than filled by the sector, the same inversion the sector councils face. And the shield that makes sharing possible draws on the same 2015 Act protections set to lapse on September 30, 2026, so the erosion runs through the operational layer too. ANCHOR-CI adds a venue, not a protection.
Energy adds one wrinkle: ETAC. Because the Department of Energy is the energy Sector Risk Management Agency, it would both vet the electric council's membership and run its own operational stack in the Energy Threat Analysis Center, CRISP, and the E-ISAC. For an electric operator that is one more forum on a crowded map, and the notice never says how a DHS advisory umbrella avoids duplicating the apparatus DOE already runs for the sector.
Forward-Looking Open Questions
Several questions sit unanswered. Whether DHS clarifies the liability posture of these deliberations or leaves participants relying on a shield that expires in September is the first and largest. Whether membership approval runs on consistent, published criteria or case-by-case discretion is the second, and it bears on stability across leadership transitions. Whether regional councils deliver real capability to rural operators or merely relocate the burden is the third. Whether the sector-run sharing mechanisms industry depends on operate above this restructuring or get pulled into its approval logic is the fourth. And whether the operational backbone the regional model presumes will be funded is the fifth, since legislation introduced in mid-2026 would restore federal support to the state and local sharing hub but remains a proposal, and a regional council is only as useful as the intelligence its members can still afford to receive. On the electric side, that question has begun to move: in June 2026 the House passed bipartisan measures to reauthorize cybersecurity grants for rural and municipal utilities and to require states to plan for the security of their local distribution systems, though both await the Senate and neither is yet law.
Closing Thought
A compliance program and a partnership framework are different instruments, and confusing them is a recurring error in how our community reads federal action. ANCHOR-CI is a partnership instrument: it obligates nothing and enforces nothing, and the right response is to say so plainly before anyone treats a notice as a control gap. But partnership is the channel through which the intelligence that shapes real mitigation moves, and a framework that restores the meeting while leaving the legal protection to expire and the operational funding to erode has solved the visible problem and left the load-bearing ones in place. The sector should welcome the room. It should also count the exits before the lights go on a timer.