NTSC – Weekly Policy & Activities Report
National Technology Security Coalition

Weekly Policy & Activities Report

Reporting Period: February 2 – February 9, 2026 NTSC Member Confidential

Weekly Recap

General Overview

The federal government has reopened, but short-term DHS funding keeps CISA’s operations under ongoing risk.

Even so, cybersecurity remains a priority, with:

NTSC Activities

Member Updates

We've added an interactive NTSC Events calendar. Turn off filters for Board, Executive Committee, and Finance Committee using the password NTSC2026

The Mid-Atlantic Policy Roundtable will be March 19th in Washington D.C. Registration is now open. Agenda and speakers will be announced shortly.

Washington D.C. Mission

Against this backdrop, NTSC is strengthening its role through senior-level engagement across the federal government during key briefings with:

  • Alexandra Seymour, Principal Deputy Assistant National Cyber Director (ONCD)
    Pressed for a clean, 20-year reauthorization of CISA 2015 and urged NTSC to elevate lapse impacts to board-level risk discussions.
  • Nick Andersen, Executive Assistant Director for Cybersecurity (CISA)
    Indicated CISA will sharpen its mission toward readiness for open cyber conflict and measurable preparedness.
  • Jay Gazlay, Deputy Associate Director, Vulnerability Management (CISA)
    Highlighted CVE ownership and MITRE coordination; expressed interest in member sessions on CVE sustainability and governance.
  • Senate HSGAC (Emily Park and Ilona Bodnar, Minority Staff)
    Requested a working session with NTSC members focused on CVEs and ecosystem challenges.

Chris also attended the Third Annual Cyber Policy Awards hosted by the Institute for Security and Technology.

Back to Report Contents ↑

Leadership Buzz Feed

Nick Andersen (CISA)

“CISA’s creation of an AI Information Sharing Analysis Center (ISAC) is underway. It’s a pre-decisional memo right now as CISA tries to ensure that a new AI information-sharing center or framework adds value without replicating what private-sector organizations already provide.”

Sean Cairncross (ONCD)

“The National Cyber Strategy is coming soon.” It is expected to focus on shaping adversary behavior, elevating coordination, public-private partnerships, workforce resilience, and international alliances.

Sen. Maria Cantwell (D-WA)

Requesting CEOs of AT&T and Verizon appear before the committee to discuss security steps taken post-Salt Typhoon breach.

Back to Report Contents ↑

Activity by Policy Priority

CISA 2015 & State/Local Grants

Congress Struggles to Renew Cyber Threat Sharing Act and compromises on a reauthorization through September 30, 2026. This sets up another reauthorization battle for fiscal year 2027. ONCD have told us they are looking for a 20 year clean reauthorization.

Artificial Intelligence (AI)

Rep. Obernolte stated that the AI Moratorium was never a "long-term solution."—lawmakers now aim to build a national, sector-specific AI regulatory framework rather than pause all state-level rules—meaning security leaders should expect ongoing regulatory evolution that will layer federal guardrails on top of dynamic state laws and risk-based governance requirements impacting how AI is secured and governed enterprise-wide.

Quantum Computing

Los Alamos Forms Quantum Computing-Focused Research Center — More indication that the timeline on “harvest now, decrypt later” threats may compress.

The CVE Ecosystem

Ongoing analysis of the vulnerability management backlog. NTSC meeting with Jay Gazlay (CISA) focused on NVD stability and vulnerability prioritization.

Back to Report Contents ↑

Hearings Update

Status Hearing Detail Date / Link
Recent Oversight of the U.S. SEC
Senate Banking Committee		 Feb 12, 2026
Watch Recording
Recent Building an AI-Ready America
House Workforce Protections Subcommittee		 Feb 11, 2026
Watch Recording
Recent Potential DHS Shutdown Impacts
House Appropriations Subcommittee		 Feb 11, 2026
Watch Recording
Recent Addressing Cyber Challenges to Water Infrastructure
Senate Environment Committee		 Feb 4, 2026
Watch Recording
Back to Report Contents ↑

Publication Updates

  • BOD 26-02: Mitigating Risk to and from Unsupported Edge Devices (CISA): Although aimed at Federal civilian agencies, this does provide practical guidance, asset-inventory expectations, and lifecycle management best practices that the private sector can use to reduce risk from unsupported edge devices.
  • NSA released Phase One and Two of their 5 phase Zero Trust Implementation Guidelines (ZIGs) series:
    • Primer - Conceptual and strategic guidance.
    • Discovery Phase – Foundational work to assess and map the environment.
    • Phase One – Builds core zero trust elements; establishes secure base.
    • Phase Two – Begins solution integration and expanded capability deployment.
    • Phase Three & Four – Future guidelines for advanced implementation.
  • NIST National Cybersecurity Center of Excellence (NCCoE) released a draft paper on Accelerating Adoption of Software and AI Agent Identity to gather feedback from industry, government, and security professionals on challenges, use cases, standards, and technologies relevant to AI and software agent identity and authorization. Comments are solicited by a deadline (April 2, 2026).
Back to Report Contents ↑
© 2026 National Technology Security Coalition. All Rights Reserved. Confidential Member Report.