FACACLASSIC

Note: An Annual Comprehensive Review, as required by §7 of the Federal Advisory Committee Act, is conducted each year on committee data entered for the previous fiscal year (referred to as the reporting year). The data for the reporting year is not considered verified until this review is complete and the data is moved to history for an agency/department. See the Data From Previous Years section at the bottom of this page for the committee’s historical, verified data.

Details on agency responses to committee recommendations can be found under the Performance Measures section for each committee in the fields “Agency Feedback” and “Agency Feedback Comment.”

DHS - 84632 - CISA Cybersecurity Advisory Committee - Statutory (Congress Created)

GENERAL INFORMATION

Committee Name	CISA Cybersecurity Advisory Committee	Agency Name	Department of Homeland Security
Fiscal Year	2025	Committee Number	84632
Original Establishment Date	6/25/2021	Committee Status	Chartered
Actual Termination Date		Committee URL	https://www.cisa.gov/cisa-cybersecurity-advisor...
Actual Merged Date		Presidential Appointments*	No
New Committee This FY	No	Max Number of Members*	35
Terminated This FY		Designated Fed Officer Position Title*	CISA Cybersecurity Advisory Committee DFO
Merged This FY		Designated Federal Officer Prefix
Current Charter Date	5/24/2023	Designated Federal Officer First Name*	Megan
Date Of Renewal Charter	5/24/2025	Designated Federal Officer Middle Name
Projected Termination Date		Designated Federal Officer Last Name*	Tsuyi
Exempt From Renewal*	No	Designated Federal Officer Suffix
Specific Termination Authority		Designated Federal Officer Phone*	(202) 594-7374
Establishment Authority*	Statutory (Congress Created)	Designated Federal Officer Fax*
Specific Establishment Authority*	National Defense Authorization Act	Designated Federal Officer Email*	megan.tsuyi@cisa.dhs.gov
Effective Date Of Authority*	1/1/2021
Exempt From EO 13875 Discretionary Cmte	Not Applicable
Committee Type*	Continuing
Presidential*	No
Committee Function*	Other Committee

RECOMMENDATION/JUSTIFICATIONS

Agency Recommendation*	Continue
Legislation to Terminate Required
Legislation Status
How does cmte accomplish its purpose?*	The CISA Cybersecurity Advisory Committee shall develop, at the request of the CISA Director [hereinafter referred to as the “Director”] and incorporating guidance where applicable from the Secretary of Homeland Security [hereinafter referred to as the “Secretary”], recommendations on matters related to the development, refinement, and implementation of policies, programs, planning, and training pertaining to the cybersecurity mission of the Agency.
How is membership balanced?*	The Committee shall be composed of up to 35 individuals. Members are appointed by the Director. The DFO will coordinate with the DFO for the HSAC to ensure that appointments to the Committee do not impact the HSAC mission, member duties, or activities. In order for the Department of Homeland Security to fully leverage broad-ranging experience and education, the CISA Cybersecurity Advisory Committee must be diverse with regard to professional and technical expertise. The Department is committed to pursuing opportunities, consistent with applicable law, to compose a committee that reflects the diversity of the nation’s people. These members shall consist of subject matter experts from diverse and appropriate professions and communities nationwide, be geographically balanced, and shall include representatives of State, local, tribal, and territorial governments and of a broad and inclusive range of industries. The CISA Director may select members with a background in cybersecurity issues relevant to CISA policies, plans, and programs. Specifically, membership may include representatives from the following industries recommended in the authorizing statute: i. Defense; ii. Education; iii. Financial services and insurance; iv. Healthcare; v. Manufacturing; vi. Media and entertainment; vii. Chemical; viii. Retail; ix. Transportation; x. Energy; xi. Information Technology; xii. Communications; and xiii. Other relevant fields identified by the Director. The term of each member shall be two years, except that a member may continue to serve until a successor is appointed. Appointments are personal to the member and cannot be transferred to another individual or other employees of the member’s organization of employment. A member may be reappointed for an unlimited number of terms. The Director may review the participation of a member of the CISA Cybersecurity Advisory Committee and remove such member any time at his/her discretion to include for violation of established responsibilities as outlined in sections III.6 and III.7 of the committee’s bylaws. Members shall serve as representatives to speak on behalf of their respective organizations, group, or industry. Members of the CISA Cybersecurity Advisory Committee may not receive pay or benefits from the United States Government by reason of their service on the CISA Cybersecurity Advisory Committee. Members are required to sign the nondisclosure agreement and gratuitous services agreement forms. In the event the CISA Cybersecurity Advisory Committee terminates, all appointments to the Committee terminate.
How frequent & relevant are cmte mtgs?*	CISA Cybersecurity Advisory Committee meetings will be held semiannually, at a minimum, to address matters within the scope of this Charter. Meetings may be held more frequently, or as necessary and appropriate, to address mission requirements. Meetings shall be open to the public according to the FACA unless a determination is made by the appropriate DHS official in accordance with DHS policy and directives that the meeting should be closed in accordance with Title 5, United States Code, subsection (c) of 552b. At least one meeting per year will be open to the public.
Why advice can't be obtained elsewhere?*	The CISA Cybersecurity Advisory Committee shall develop, at the request of the CISA Director [hereinafter referred to as the “Director”] and incorporating guidance where applicable from the Secretary of Homeland Security [hereinafter referred to as the “Secretary”], recommendations on matters related to the development, refinement, and implementation of policies, programs, planning, and training pertaining to the cybersecurity mission of the Agency.
Why close or partially close meetings?	In accordance with section 1009(d) of the Federal Advisory Committee Act(FACA) and the Government in Sunshine Act, 5 U.S.C. § 552b(c), it has been determined that certain agenda items require closure from the public, as the disclosure of information that will be discussed would not be in the public interest. CSAC members will engage in discussions that addresses areas of CISA’s operations that include critical cybersecurity vulnerabilities and priorities for CISA. Government officials will share sensitive information with CSAC members on initiatives and future security requirements for assessing cyber risks to critical infrastructure. The premature disclosure of this information to the public would be likely to significantly frustrate implementation of proposed agency actions. Therefore, closed portions of meetings are required to be closed pursuant to section 10(d) of FACA and the Government in the Sunshine Act, 5 U.S.C. §552b(c). This decision was made in consult with the Department’s Committee Management Office, the Office of the General Counsel, and Section 1009(d) of the Federal Advisory Committee Act (5 U.S.C., Ch. 10).
Recommendation Remarks	In fiscal year 2024, the Cybersecurity Advisory Committee completed the member appointment process, initiated holding meetings, stood up subcommittees, and issued reports with recommendations.

PERFORMANCE MEASURES

Outcome Improvement To Health Or Safety*	Yes	Action Reorganize Priorities*	No
Outcome Trust In Government	Yes	Action Reallocate Resources	No
Outcome Major Policy Changes	Yes	Action Issued New Regulations	No
Outcome Advance In Scientific Research	Yes	Action Proposed Legislation	No
Outcome Effective Grant Making	No	Action Approved Grants Or Other Payments	No
Outcome Improved Service Delivery	Yes	Action Other	No
Outcome Increased Customer Satisfaction	Yes	Action Comment	30 recommendations are partially implemented, with implementation still ongoing and 44 are fully implemented.
Outcome Implement Laws/Reg Requirements	Yes	Grants Review*	No
Outcome Other	No	Number Of Grants Reviewed	0
Outcome Comment		Number Of Grants Recommended	0
Cost Savings*	Unable to Determine	Dollar Value Of Grants Recommended	$0.00
Cost Savings Comment		Grants Review Comment	N/A
Number Of Recommendations*	193	Access Contact Designated Fed. Officer*	Yes
Number Of Recommendations Comment	The CISA Cybersecurity Advisory Committee submitted 29 recommendations to the director in December 2023 and 3 in June 2024 which added to the recommendations from the prior year.	Access Agency Website	Yes
% of Recs Fully Implemented*	23.00%	Access Committee Website	Yes
% of Recs Fully Implemented Comment		Access GSA FACA Website	Yes
% of Recs Partially Implemented*	16.00%	Access Publications	Yes
% of Recs Partially Implemented Comment	30 recommendations are confirmed to be partially implemented, with implementation still ongoing and 44 are fully implemented. Further data calls will be performed in 2025 & 2026 to update the implementation status on the increased amount of recommendations.	Access Other	No
Agency Feedback*	Yes	Access Comment	As reports are released, the CISA Cybersecurity Advisory Committee posts them to the committee website and submits copies to the Library of Congress. All CISA Cybersecurity Advisory Committee meetings are announced in the Federal Register. The meetings are open or partially closed to the public. Agendas and meeting summaries are posted to the committee website.
Agency Feedback Comment*	The CISA Cybersecurity Advisory Committee solicits updates regarding the recommendations, as appropriate, during members’ regularly-scheduled conference calls and/or at the annual meeting.	Narrative Description*	The CISA Cybersecurity Advisory Committee provides independent, strategic, and actionable consensus recommendations to CISA on a range of cybersecurity issues, topics, and challenges, including, but not limited to, information exchange, critical infrastructure, risk management, and public and private partnerships. The CISA Cybersecurity Advisory Committee develops, at the request of the CISA Director, and incorporates guidance from the Secretary of Homeland Security recommendations on matters related to the development, refinement, and implementation of policies, programs, planning, and training pertaining to the cybersecurity mission of the Agency.

COSTS

1. Payments to Non-Federal Members*		1. Est Paymnts to Non-Fed Membrs Nxt FY*
2. Payments to Federal Members*		2. Est. Payments to Fed Members Next FY*
3. Payments to Federal Staff*		3. Estimated Payments to Federal Staff*
4. Payments to Consultants*		4. Est. Payments to Consultants Next FY*
5. Travel Reimb. For Non-Federal Membrs*		5. Est Travel Reimb Non-Fed Membr nxtFY*
6. Travel Reimb. For Federal Members*		6. Est Travel Reimb For Fed Members*
7. Travel Reimb. For Federal Staff*		7. Est. Travel Reimb to Fed Staf Nxt FY*
8. Travel Reimb. For Consultants*		8. Est Travel Reimb to Consltnts Nxt FY*
10. Other Costs		10. Est. Other Costs Next FY*
11. Total Costs	$0.00	11. Est. Total Next FY*	$0.00
Date Cost Last Modified	2/12/2025 12:44 PM	Est. Fed Staff Support Next FY*
Federal Staff Support (FTE)*		Est Cost Remarks
Cost Remarks

Interest Areas

Category Area Computer Technology Artificial Intelligence Cybersecurity Government Federal Government Internal Federal Government Legislation Legislation Regulations National Defense National Security and Defense

Custom Links

Committee Level Reports