Sharing is caring: Take advantage of ISAC

Share this article:
Risk lessons over beer and bratwurst
Risk lessons over beer and bratwurst

Sharing is an important part of life. No one should ever have to go it alone. The wild success of social networks such as Facebook, Twitter and LinkedIn provide daily proof of the importance of sharing to the human mind and spirit. The economic, professional and social advantages of having a good support network are also not to be underestimated.

Information security is a field that may not naturally lend itself to sharing. We are sometimes a secretive lot. We need to change that point of view and recognize that information sharing, within a structured framework, is especially important to security professionals. What I refer to here is the sharing of hard information among trusted peers within your chosen industry. This may make some of you uncomfortable, because what I'm recommending is that you get into the habit of sharing information about security events and observations even with competitors in your sector. Should Macy's tell Gimbels? In this case, yes.

A structure for this type of sharing has been developed within multiple sectors. If you haven't heard, the Information Sharing and Analysis Center, or ISAC, is that structure. An ISAC provides members with a private community for dispensing information about security threats, incidents and response, and critical infrastructure protection. 

If one bank, government agency or a utility company is being attacked from a certain location or using a particular methodology, it is strategically helpful to know if others are being targeted as well. 

Membership is normally open only to those organizations within that vertical sector that have agreed to contribute to and receive information from their peers, and that are willing to operate under strict confidentiality guidelines.

Some ISACs further information sharing by providing monitoring services and aggregating threat data within their sector, thus offering a holistic view. A 24/7 watch desk, an alerting function, and developmental programs and projects also can be found within a typical ISAC. 

ISACs are an effective method of sharing your information without direct attribution. If your site is under cyber attack or you become aware of an imminent threat to your sector, details can be exchanged without ever revealing your identity, thereby facilitating sharing, but maintaining confidentiality.

As a CISO of a large city, I have been engaged with the Multi-State ISAC (MS-ISAC) for a number of years. The MS-ISAC promotes information sharing among 50 state governments, participating local governments, territories of the United States and tribal governments. It operates a 24/7 cyber security operations center and is a significant intelligence source for its members. 

Can I substantiate the benefits of ISAC participation? Absolutely! The MS-ISAC has facilitated direct conversations among me and my peers in a number of cities. We have had the opportunity to exchange information about cyber attack experiences and strategies. 

Does your industry have an ISAC? Likely it does. For more details, there is a National Council of ISACs. You can visit its website at http://www.isaccouncil.org.

As proof of its importance, look for information sharing to be one of the cornerstones of any upcoming presidential executive order or congressional legislation dealing with cyber security. One of the key issues needing resolution is how to share classified information in a useful way with those who need it most – generally those without security clearances.


Dan Srebnick is the CISO of the city of New York. Opinions expressed are his own and do not necessarily reflect those of his employer.
Share this article:
You must be a registered member of SC Magazine to post a comment.
close

Next Article in Opinions

Sign up to our newsletters

TOP COMMENTS

More in Opinions

Beware of the malware walking dead

Beware of the malware walking dead

This Hallows Eve might be a good time to remind ourselves that zombies can be just as deadly, and I'm referring to recycled tools and techniques from years gone by.

Why the Home Depot attack shouldn't have happened

Why the Home Depot attack shouldn't have happened

Major retailers are falling prey to massive credit card information heists, despite spending millions on cyber security systems.

Next-generation malware: Think like the enemy and avoid the car alarm problem

Next-generation malware: Think like the enemy and avoid ...

When it comes to enterprise security, one rule remains constant - attacks will continue to increase in sophistication and attackers will seek to outmaneuver existing defenses.