About the MS-ISAC

Mission

The mission of the MS-ISAC is to provide a common mechanism for raising the level of cyber security readiness and response in each state/territory and with local governments. The MS-ISAC provides a central resource for gathering information on cyber threats to critical infrastructure and providing two-way sharing of information between and among the states, territories and with local government.

 

Major Objectives of the MS-ISAC

  • provide two-way sharing of information and early warnings on cyber security threats
  • provide a process for gathering and disseminating information on cyber security incidents
  • promote awareness of the interdependencies between cyber and physical critical infrastructure as well as between and among the different sectors
  • coordinate training and awareness
  • ensure that all necessary parties are vested partners in this effort

MS-ISAC Executive Committee

There shall be an eleven (11) member Executive Committee for the MS-ISAC. One of the Committee members is the Chair of the MS-ISAC and the remaining committee members will be from different states/territories/District of Columbia/U.S. Local Government entities.

 

MS-ISAC Workgroups

There are currently seven workgroups within the MS-ISAC, each focused on specific program areas and deliverables in support of the MS-ISAC's goals and objectives. The Workgroups meet on a varied basis depending on need. The Workgroups may change as needed to accommodate MS-ISAC Member needs and areas of interest.

  • Cyber Security Metrics and Compliance: Focused on recommending and implementing methodologies to help states with cyber security metrics and compliance inventory, assessment and audit of their cyber security assets.
  • Cyber Exercise: Focused on facilitating cyber exercise programs for MS-ISAC and states' participation.
  • Education and Awarness: Focused on recommending development of new - or identification of existing - cyber security education, awareness and training content for states and localities. This includes recommendation of MS-ISAC program for annual National Cyber Security Awareness Month.
  • Legislative: Focused on tracking all major legislation, rules and regulations across the country relating to cyber security issues, and recommending relevant cyber security legislation for the MS-ISAC to support.
  • Operations: Focused on strategies for operational cyber security initiatives, both within the MS-ISAC, as well as at the state level. This includes recommendations of standards and procedures for incident reporting and response.
  • Outreach and Marekting: Focused on recommending strategies for distribution of cyber security education, training and awareness content as well as cyber alerts and advisories to states and localities. Also focused on marketing of the MS-ISAC services and programs.
  • Procurement: Focused on assisting state governments in identifying strategies for procurement of goods and services related to cyber security initiatives; facilitating opportunities for state and local joint procurement as well as identifying and recommending available grant opportunities.

 

Highlights of MS-ISAC Services

  • operation of a 24x7 cyber security center
  • distribution of cyber security advisories and bulletins
  • providing cyber incident response to MS-ISAC Members
  • implementation of cyber incident reporting protocols
  • establishment of common cyber alert level map and protocols
  • facilitation of multi-state procurement efforts
  • participation in regional and national cyber security exercises
  • coordination of bi-monthly national cyber security webcasts
  • serve as co-chair of National Cyber Security Awareness Month
  • issuance of white papers, monthly email newsletters, cyber security guides, training videos and other educational material
  • maintenance of secure and public websites

MS-ISAC Cyber and Spatial Analysis Center (CSAC)

The MS-ISAC Cyber and Spatial Analysis Center (CSAC) is a 24X7 operational center for the Members. Vulnerabilities, threats and other significant cyber-related events are reported to and correlated by the CSAC staff. Information is vetted and relevant, and significant information is redistributed to the entire membership. Before redistribution, information is analyzed to incorporate a “value add” - in other words incorporation of additional information regarding mitigation strategies or interim steps that can be taken to protect the infrastructure. These advisories are then distributed to the Members.

 

MS-ISAC Common Cyber Alert Level Procedures

  • The MS-ISAC Members have adopted a common Cyber Alert Indicator Protocol process. Thus, when any MS-ISAC member entity is at a “Guarded” level for cyber, for example, all of the other MS-ISAC Members will know the specific criteria used to arrive at that level.
  • An interactive mapping application is located on the secure MS-ISAC portal so that Members may identify their current cyber alert level and the reason for that level. This information is updated by the Members minimally on a weekly basis.
  • Additionally, the MS-ISAC Members have a common Incident Reporting process, whereby Members can call into a 24 x 7 toll-free number to report cyber incidents to the MS-ISAC Cyber and Spatial Analysis Center .
  • The MS-ISAC serves as the liaison between the states and U.S. Department of Homeland Security's US-CERT for cyber incident reporting.

National Webcast Initiative

The Multi-State Information Sharing and Analysis Center (MS-ISAC) in cooperation with the Department of Homeland Security, through its National Cyber Security Division, partnered to deliver a series of national webcasts which examine critical and timely cyber security issues.

Embracing the concept that security is everyone's responsibility, these webcasts are available to a broad audience to help raise awareness and knowledge levels. Thousands of individuals from across the country and around the world participate in the webcasts.

The webcasts provide practical information and advice that users can apply immediately. All sessions are recorded and archived for viewing via the MS-ISAC public website .


Coordination with the National Private ISACs

The MS-ISAC works collaboratively with a number of organizations in achieving its goals. Because a majority of critical infrastructure is either owned or controlled by the private sector, a strong relationship with the private sector is vital. To that end, the MS-ISAC works closely with the National ISAC Council(New Window) , which comprises representatives from critical industry sectors. The MS-ISAC was the first government entity to become a member of the ISAC Council.