Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Role of The ISACs in Critical Infrastructure Protection and Resiliency Denise Anderson Vice Chair-National Council of ISACs Vice President FS-ISAC,

Published byNicholas Malone Modified over 8 years ago

Similar presentations

Presentation on theme: "The Role of The ISACs in Critical Infrastructure Protection and Resiliency Denise Anderson Vice Chair-National Council of ISACs Vice President FS-ISAC,"— Presentation transcript:

1 The Role of The ISACs in Critical Infrastructure Protection and Resiliency Denise Anderson Vice Chair-National Council of ISACs Vice President FS-ISAC, Government and Cross Sector Programs Financial Services Information Sharing & Analysis Center (FS-ISAC) National Council of ISACs

2 Critical Infrastructure What is an ISAC? Sample descriptions of the various ISACs and capabilities/reach What is the National Council of ISACs? Brief Overview of the FS-ISAC and Recent Incidents Three Initiatives To Enhance Critical Infrastructure Protection and Resilience Agenda

3 18 Defined Sectors: Critical Infrastructure Agriculture and Food Defense Industrial Base Energy Healthcare & Public Health Banking & Finance Water Chemical Commercial Facilities Critical Manufacturing Dams Communications Postal & Shipping Transportation Systems Government Facilities Emergency Services Nuclear Reactors, Materials & Waste Information Technology National Monuments & Icons

4 What is an ISAC? Relationship to sectors Funding/Structure/Operations Functions

5 Why ISACs?  Trusted entities established by CI/KR owners and operators.  Comprehensive sector analysis  Reach-within their sectors, with other sectors, and with government to share critical information.  All-hazards approach  Threat level determination for sector

6 Why ISACs?  Operational services such as risk mitigation, incident response, and information sharing  Fast response on accurate, actionable and relevant information  Empower business resiliency through security planning, disaster response and recovery execution. Most ISACs, by definition, have 24/7 threat warning, incident reporting capabilities

7 ISACs Communications ISAC Electricity ISAC Emergency Management & Response ISAC Financial Services ISAC Highway ISAC Information Technology ISAC Maritime ISAC Multi-State ISAC

8 ISACs National Health ISAC Public Transit ISAC Real Estate ISAC Research and Education ISAC Supply Chain ISAC Surface Transportation ISAC Water ISAC

9 Other Operational Entities Defense Industrial Base (DIB) Nuclear Oil & Gas Chemical Airline

10 The only industry forum for collaboration on critical security threats facing the financial services sector Over 4,200 direct members and 30 member associations Ability to reach 99% of the banks and credit unions and 85% of the securities industry, and nearly 50% of the insurance industry www.fsisac.com Financial Services ISAC

11 Includes all 50 States, the District of Columbia, five U.S. Territories, one local governments per state and all state homeland security offices The MS-ISAC continues to broaden its local government participation to include all of the approximate 39,000 municipalities and fusion centers www.msisac.org Multi-State ISAC

12 Created by the Association of American Railroads in 2002 at the request of the Secretary of Transportation The ST-ISAC supports 95% of the North American freight railroad infrastructure www.surfacetransportationisac.org Surface Transportation ISAC

13 National Council of ISACs Mission The mission of the National Council of Information Sharing and Analysis Centers Council (ISACs) is to advance the physical and cyber security of the critical infrastructures of North America by establishing and maintaining a framework for valuable interaction between and among the ISACs and with governments.

14 National Council of ISACs Began meeting in 2003 to address common concerns and cross-sector interdependencies Volunteer group of ISACs who meet monthly to develop trusted working relationships among sectors on issues of common interest and work on initiatives of value to CI/KR

15 National Council of ISACs Information SourcesCommunications Briefings Best Practice Sharing - Joint Statements - White Papers Monthly Meetings Daily & Weekly ISAC Calls CIP Congress ENS Calls And Crisis Calls ListServ and Trusted Relationships ISAC Ops Centers ISACs & Other Sectors DHS & Other Government Partners Private Sector Liaison At The NICC Other Sources (Hundreds) PCIS

16 Brief Overview and Recent Incidents in 2011 Financial Services ISAC

17 FS-ISAC Background The Financial Services Information Sharing and Analysis Center is: A nonprofit private sector initiative Designed/developed/owned by financial services industry Lead agency: U.S. Treasury Founded in 1999 17

18 18 FS-ISAC Membership Growth

19 FS-ISAC Information Sharing and Analysis Tools for Members Cyber & Physical alerts from 24/7 Security Ops Center Briefings/white papers Risk Mitigation Toolkit Document Repository Anonymous Submissions Committee Listservs Member surveys Bi-weekly Threat calls Special info sharing member conference calls Crisis Management process– CMLT, CINS Semi-annual conferences Webinars Regional Program Viewpoints

20 2011 YTD: Recent Incidents

21 US companies experienced 662 reported data breaches in 2010 March: RSA Open Letter reveals Advanced Persistent Threat (APT) attack against its two-factor authentication product (SecurID) April 1: Epsilon data breach divulged email addresses for unknown number –2,500 corporate clients –112 potential companies 2011 Breaches Data Breaches (Identity Theft Resource Center)

22 March 11, 2011-Breach detected not public –Thursday March 17, 2011 story broke Threat Intelligence Committee Call –Friday March 18, 2011 Cyber UCG call NCI call with DHS Threat Intelligence Committee Call w/RSA FS-ISAC Membership Call w/RSA NCI call –Mitigation Report Working Group Calls –Mitigation Report –FS-ISAC, BITS Annual Summit – May 2011 RSA Breach

23 Three Major Initiatives To Enhance Critical Infrastructure Protection and Resilience 1.Liaison Programs 1.NICC 2.NCCIC 2.Information Sharing Frameworks 1.Directorate 2.CSISF 3.GISF 3.Classified Information Sharing

24 Who Is The NCCIC? DHS Office of Cybersecurity and Communications (CS&C) US CERT NCC ICS- CERT DHS I&A NCSC Liaisons UCG NCCIC

25 CLICK

26

27 National Security Telecommunications Advisory Council-NSTAC Cross-Sector Cyber Security Collaboration and Analysis Pilot project initially involving the FS-ISAC; IT-ISAC; Defense Security Information Exchange (DSIE) and Communications ISAC. Joint Coordination Center - CSISF

28 CONTACT Denise Anderson VP FS-ISAC, Government & Cross-Sector Programs - FS-ISAC Vice Chair-National Council of ISACs danderson@fsisac.us

Download ppt "The Role of The ISACs in Critical Infrastructure Protection and Resiliency Denise Anderson Vice Chair-National Council of ISACs Vice President FS-ISAC,"

Similar presentations

Protective Security Advisors Securing the Nations critical infrastructure one community at a time.

Protective Security Advisors Securing the Nations critical infrastructure one community at a time.
Homeland Security Information Network-Emergency Management (HSIN-EM) Fire Service Community Overview Technologies for Critical Incident Preparedness Conference.

Homeland Security Information Network-Emergency Management (HSIN-EM) Fire Service Community Overview Technologies for Critical Incident Preparedness Conference.
Idaho Critical Infrastructure and Key Resources Protection Program and Fusion Center Brief.

Idaho Critical Infrastructure and Key Resources Protection Program and Fusion Center Brief.
The Financial Services Sector Coordinating Council

The Financial Services Sector Coordinating Council
Kenneth Watson Partnership for Critical Infrastructure Security Partnership for Critical Infrastructure Security.

Kenneth Watson Partnership for Critical Infrastructure Security Partnership for Critical Infrastructure Security.
National Infrastructure Protection Plan

National Infrastructure Protection Plan
DHS, National Cyber Security Division Overview

DHS, National Cyber Security Division Overview
Partnership for Critical Infrastructure Security PCIS Mission: The mission of the Partnership for Critical Infrastructure Security (PCIS) is to coordinate.

Partnership for Critical Infrastructure Security PCIS Mission: The mission of the Partnership for Critical Infrastructure Security (PCIS) is to coordinate.
InfraGard A Partnership For Protecting America. What is InfraGard “ A cooperative undertaking between the U.S. Government (the FBI) and an association.

InfraGard A Partnership For Protecting America. What is InfraGard “ A cooperative undertaking between the U.S. Government (the FBI) and an association.
National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.

National Space-Based Positioning, Navigation, and Timing (PNT) Federal Advisory Board DHS Challenges & Opportunities Captain Curtis Dubay, P.E. Department.
US Army Corps of Engineers BUILDING STRONG ® Ty Brumfield (LNO to FEMA –RSF-IS National Coordinator Office of Homeland Security Directorate of Contingency.

US Army Corps of Engineers BUILDING STRONG ® Ty Brumfield (LNO to FEMA –RSF-IS National Coordinator Office of Homeland Security Directorate of Contingency.
June 9, 2003 Updated July 2004 Slide 1 Critical Infrastructure Assurance: The US Experience.

June 9, 2003 Updated July 2004 Slide 1 Critical Infrastructure Assurance: The US Experience.
Food Safety and Inspection Service U.S. Department of Agriculture Homeland Security: Protecting the U.S. Food Supply Office of Food Security & Emergency.

Food Safety and Inspection Service U.S. Department of Agriculture Homeland Security: Protecting the U.S. Food Supply Office of Food Security & Emergency.
Resiliency Rules: 7 Steps for Critical Infrastructure Protection.

Resiliency Rules: 7 Steps for Critical Infrastructure Protection.
Food and Agriculture Sector Coordinating Councils John L. Williams, DVM U.S. Department of Agriculture AFDO Annual Conference Kansas City, MO June 7, 2005.

Food and Agriculture Sector Coordinating Councils John L. Williams, DVM U.S. Department of Agriculture AFDO Annual Conference Kansas City, MO June 7, 2005.
Public-Private Partnerships in Action: Emergency Response

Public-Private Partnerships in Action: Emergency Response
National Infrastructure Protection Plan (NIPP). 2 The NIPP Provides a Strategic Context for Infrastructure Protection/Resiliency Dynamic threat environment.

National Infrastructure Protection Plan (NIPP). 2 The NIPP Provides a Strategic Context for Infrastructure Protection/Resiliency Dynamic threat environment.
BITS Proprietary and Confidential © BITS 2003. Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.

BITS Proprietary and Confidential © BITS Security and Technology Risks: Risk Mitigation Activities of US Financial Institutions John Carlson Senior.
Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.

Overview of NIPP 2013: Partnering for Critical Infrastructure Security and Resilience October 2013 DRAFT.
Seán Paul McGurk National Cybersecurity and Communications

Seán Paul McGurk National Cybersecurity and Communications

Similar presentations

Ads by Google