This post is also available in: עברית (Hebrew)
As cyber leaders from across federal, state, local and tribal governments prepare to gather for another annual meeting, the future of government cybersecurity in our local communities now hangs in the balance.
The scale of cyberattacks, the cost of data breaches and the significant ramifications to our nation have never been greater. MS-ISAC has grown in its global capabilities and cyberdefense sophistication. World-class information security coordination is now available. How can your government become more engaged?
America’s state and local government cybersecurity leaders are preparing to gather in Nashville, Tenn., in early October for the first MS-ISAC Annual Meeting in more than two years. (Note: Last year’s meeting was canceled due to Department of Homeland Security (DHS) budget issues with sequestration.)
There is plenty to discuss and act upon.
Not only are the bad guys (such as organized crime, nation-state actors, and insider threats) getting more dangerous, the breadth and depth of cyber problems can cause a sense of hopeless inevitability regarding the topic of breaches that affect both sensitive data and critical infrastructure.
The need for more robust partnerships, real-time coordination and practical security answers has never been greater for all levels of government. What has become very clear over the past few years is that any public- or private-sector organization that tries to address cybersecurity threats alone is bound to fail. Thus, the need for collaboration, coordination and information sharing is vital to defend critical assets from sophisticated cyberattacks.
The MS-ISAC headquarters is part of the non-profit Center for Internet Security.
The facility is collocated with other New York state government law enforcement capabilities, and the synergy and professionalism were obvious. The 7×24 Security Operations center (SOC) and the coordination between various cybersecurity functions demonstrated best practices and an attention to detail that is necessary for such an important task.
The MS-ISAC website lays out its mission and these objectives:
- Provide two-way sharing of information and early warnings on cyber security threats
- Provide a process for gathering and disseminating information on cyber security incidents
- Promote awareness of the inter-dependencies between cyber and physical critical infrastructure as well as between and among the different sectors
- Coordinate training and awareness
- Ensure that all necessary parties are vested partners in this effort
The national cyber alert map at the MS-ISAC website provides the cyber status of different states from all over the USA. In addition, the National Webcast Initiative provides excellent information on a wide variety of information security topics and opportunities for governments to solve pressing issues.
A Brief History of the MS-ISAC
Will Pelgrin, who is the president and CEO of the Center for Internet Security and chair of MS-ISAC, realized the importance of state and local government coordination on information security matters back in 2003. Will understood that cyberdefense on an island will fail, and his founding vision was to establish coordination amongst state government chief information security officers (CISOs) and other cyber leadership officials.
The MS-ISAC quickly got the support of the DHS and other federal and nonprofit organizations. Over time, all states joined the MS-ISAC, but local governments remained separate and received cyber information via their state CISOs in state-specific ISACs.