Print this chapterPrint this chapter

Chapter 2 Exploring Cybersecurity Threats

2. Threat Data and Intelligence

2.7. Information Sharing Organizations

Audio

 

 

Transcript

So let's talk about information sharing organizations. There's two that we're going to cover. One is the information sharing and analysis centers. So that is what's called isacs.

And there's multiple ones of them. So I'll go over a little.

Bit about the tech says.

Information sharing analysis centers isacs help infrastructure owners operate shared threat information and provides tools and assistance to their members. So it's proprietary. It's not.

3 The ISAC concept was introduced in 1998 as part of the presidential decision, which asked critical infrastructure sectors to establish organizations to share information about threats and vulnerabilities.

Isacs operate on a trust model, allowing in-depth sharing of threat information for both physical and cyber threat. Most Isaacs operate 24/7, providing Isaac members with in their sector with incident response and threat analysis.

In addition to the Isacs, there are specific US agencies or department partners for each critical infrastructure. So what that means is that there's these information sharing organizations, isacs and they are set up by infrastructure.

So like there will be an Isaac for.

Medical there are being Isaac for financial there are being Isaac for industrial. There being an Isaac for airline, there's an Isaac for NASA. So there's these different isacs and what happens is 24/7 they're running. 

And if something pops, you will get an alert which will tell you, hey, you know this vulnerability is out there or this attack is happening. Here's tools that can be used and it shares the information within inside that structure to its members.

One of the things is if you remember, you agree not to share that outside of the membership. So it's proprietary. So that's that is one of the things. And then outside let's talk about the other one which is the National Protective Security Authority NPS a that's in the United Kingdom.

Outside the United States, government bodies and agencies with similar responsibilities exist in many countries.

The one in the UK is the Npsa, which I said was the National Protective Security Authority. It's tasked with providing threat information, resources and guidance to industry and academia as well as other parts of the UK Government and law enforcement. I like our better.

Because it's more regulated to specific industry. So if you're in medical, you're only getting the medical alerts, you're not getting the others. And the fact that it runs 24/7, I was at a previous organization. 

That was in the financial field and we got those and I worked a 12 hour shift, 13 hour shift. I went in at 7:00 at night and got off at 8:00 in the morning and we'd get them at 2:00 AM. Hey, this happened and we would have to investigate to see if any of that.

In our system, so you know very that information is you know very relevant, very timely. You know that's something that you would have high confidence in coming from them.