In addition, the MS-ISAC’s intrusion detection system, called Albert, has been deployed across the United States and its territories. This passive monitoring device resides just outside members’ networks, where internet traffic meets members’ systems. The signature-based device is not a firewall; rather, it monitors network traffic to find suspicious activity. If a signature fires, the SOC is notified. Analysts review the event and determine what the signal is.
If warranted, the SOC then notifies an entity of a possible issue. The CIS ensures a very low false positive result thanks to a user review.
MORE FROM STATETECH: Keep an eye on these 4 IT trends in state and local government in 2020.
MS-ISAC Proves a Range of Cyber Services and Tools
The MS-ISAC ties this information together to provide its membership with timely alerts about attacking addresses and domains to help keep firewalls current. Combined with the ISACs’ IP- and domain-monitoring services and port profiler, the CIS offers a diverse toolkit to bolster cyberdefenses for MS-ISAC and EI-ISAC members.
These are just a few of the services offered to the SLTT community absolutely free of charge by the MS-ISAC. There are many others, including CIS SecureSuite membership, awareness campaigns, newsletters for both the security professional and the layperson, web-based malicious code analysis platforms, threat stream assessments and more.
To join the MS-ISAC or EI-ISAC and begin taking advantage of its many benefits, visit the Center for Internet Security at cisecurity.org.