As we’re confronted with an increasing volume and complexity of cybersecurity threats, we must work together as government at all levels struggles with more challenges and fewer resources.
The Multi-State Information Sharing and Analysis Center provides a unique and successful approach to information sharing. Established in 2003, MS-ISAC boasts participation from all 50 states and the District of Columbia, as well as many local governments. Increased outreach to local governments is ongoing, as well as expansion to U.S. territories.
MS-ISAC provides a central resource for gathering and sharing information on cyberthreats to critical infrastructure and providing two-way sharing of information between and among the states and local government. Its success is a direct result of the great commitment and passion of each of the members. From its inception, MS-ISAC has fostered a trusted environment. Over the past five years, those trusted relationships have strengthened, and the information sharing has increased.
A key component of that information sharing model is the MS-ISAC Cyber Security Operations Center, a 24x7 center that conducts ongoing analysis of and response to cyber vulnerabilities, threats, exploits and attacks. In addition, the center provides managed services for four states and reviews approximately 4 billion logs per month. Based on its analysis of threats and risks, the center distributes cybersecurity advisories and bulletins.
MS-ISAC members have also adopted a common cyber-alert level protocol. When any member is at a particular level for cybersecurity, all of the members will know the criteria used for that level. Members update their cyber-alert levels on a weekly basis and post that information on an interactive map located on a secure portal. If a state raises its alert level to elevated, high or severe, a conference call takes place to brief everyone. This further helps enhance the situational awareness of all of the states and can help others know what steps they might take to better protect their environment and defend against threats.
In addition to trusted relationships and information sharing between the states through MS-ISAC, building communications within the states is an important component. States are building their own ISACs, and reaching out to agencies, local governments and educational institutions to distribute cybersecurity information and material.
MS-ISAC’s motto is “create it once, share it often.” In that regard, MS-ISAC makes the products it develops available online at www.msisac.org. This shared approach also includes opportunities for joint procurements to take advantage of the collective buying power of the states.
MS-ISAC takes a unique and historic approach to information sharing and cybersecurity intelligence gathering. This collaboration and knowledge transfer serves to increase our overall situational awareness. With this broad view, we can collectively enhance our posture and improve the cybersecurity of the states and local governments.
How to foster information sharing:
- Think beyond your borders.
- Build trusted relationships.
- Create materials once and distribute broadly.
- Just get started.