CISA’s Role in Risk Management

Critical infrastructure are those assets, systems, and networks that provide functions necessary for our way of life. From generating electricity to supplying clean water, there are 16 critical infrastructure sectors that are part of a complex, interconnected ecosystem including communications, energy, transportation, emergency services, and water. Any threat to these sectors could have potentially debilitating national security, economic, and public health or safety consequences.

As the nation’s risk advisor, the Cybersecurity and Infrastructure Security Agency’s (CISA) mission is to ensure the security and resiliency of our critical infrastructure. However, in today’s digitizing world, as organizations are increasingly integrating cyber systems into their operations, they are also facing more diverse, sophisticated threats— cyber, physical, technological, or natural—that may have cross-sector impacts. The evolving risk landscape necessitates an evolved response.

Housed with CISA, the National Risk Management Center (NRMC) helps fulfill the Agency’s risk advisor role by leveraging sector and stakeholder expertise to identify the most significant risks to the nation, and to coordinate risk reduction activities to ensure critical infrastructure is secure and resilient both now and into the future.

National Risk Management Center (NRMC)

Since the nation’s critical infrastructure is largely owned and operated by the private sector, managing risk is a priority shared by industry and government. As the Agency’s planning, analysis, and collaboration center, the National Risk Management Center (NRMC) brings the private sector, government agencies, and other key stakeholders together to identify, analyze, prioritize, and manage the most significant risks to our critical infrastructure.

The NRMC’s dynamic, cross-sector risk management process transforms private-public engagement into collective action by defragmenting how the government and industry develop response and security plans, risk-reduction activities, and share information. The interconnectedness of the sectors and sophistication of threats and hazards means that the consequences of an attack or imminent threat do not impact only one sector. The NRMC creates an environment where government and industry can collaborate and share expertise to enhance critical infrastructure resiliency within and across sectors.

Top NRMC initiatives include 5G, election security, electromagnetic pulses, national critical functions, pipeline cybersecurity and more.

• Visit the NRMC Initiatives to learn more about each initiative.
• Visit the NRMC Newsroom for the latest press releases, media advisories, and blog articles.
• Download and share the National Risk Management Center Fact Sheet

Contact Us

For questions or comments, email NRMC@hq.dhs.gov.