ISACs - International Cyber Center

advertisement
The Role of The ISACs in
Critical Infrastructure
Protection and Resiliency
Denise Anderson
Vice Chair-National Council of ISACs
Vice President FS-ISAC, Government and Cross Sector Programs
Financial Services Information Sharing & Analysis Center
(FS-ISAC)
National Council of ISACs
Agenda
• Critical Infrastructure
• What is an ISAC?
• Sample descriptions of the various ISACs and
capabilities/reach
• What is the National Council of ISACs?
• Brief Overview of the FS-ISAC and Recent
Incidents
• Three Initiatives To Enhance Critical Infrastructure
Protection and Resilience
Critical Infrastructure
• 18 Defined Sectors:
Agriculture and Food
Defense Industrial Base
Energy
Healthcare & Public Health
Banking & Finance
Water
Chemical
Commercial Facilities
Critical Manufacturing
Dams
Communications
Postal & Shipping
Transportation Systems
Government Facilities
Emergency Services
Nuclear Reactors, Materials &
Waste
Information Technology
National Monuments & Icons
What is an ISAC?
•Relationship to sectors
•Funding/Structure/Operations
•Functions
Why ISACs?
 Trusted entities established by CI/KR owners
and operators.
 Comprehensive sector analysis
 Reach-within their sectors, with other sectors, and
with government to share critical information.
 All-hazards approach
 Threat level determination for sector
Why ISACs?
 Operational services such as risk mitigation,
incident response, and information sharing
 Fast response on accurate, actionable and
relevant information
 Empower business resiliency through security
planning, disaster response and recovery
execution. Most ISACs, by
definition, have 24/7
threat warning,
incident reporting capabilities
ISACs
•
•
•
•
•
•
•
•
Communications ISAC
Electricity ISAC
Emergency Management & Response ISAC
Financial Services ISAC
Highway ISAC
Information Technology ISAC
Maritime ISAC
Multi-State ISAC
ISACs
•
•
•
•
•
•
•
National Health ISAC
Public Transit ISAC
Real Estate ISAC
Research and Education ISAC
Supply Chain ISAC
Surface Transportation ISAC
Water ISAC
Other Operational Entities
• Defense Industrial Base (DIB)
• Nuclear
• Oil & Gas
• Chemical
• Airline
Financial Services ISAC
• The only industry forum for collaboration on critical
security threats facing the financial services sector
• Over 4,200 direct members and 30 member
associations
• Ability to reach 99% of the banks and credit
unions and 85% of the securities industry, and
nearly 50% of the insurance industry
• www.fsisac.com
Multi-State ISAC
• Includes all 50 States, the District of Columbia,
five U.S. Territories, one local governments per
state and all state homeland security offices
• The MS-ISAC continues to broaden its local
government participation to include all of the
approximate 39,000 municipalities and fusion
centers
• www.msisac.org
Surface Transportation ISAC
• Created by the Association of American Railroads
in 2002 at the request of the Secretary of
Transportation
• The ST-ISAC supports 95% of the North American
freight railroad infrastructure
• www.surfacetransportationisac.org
National Council of ISACs
Mission
• The mission of the National Council of Information
Sharing and Analysis Centers Council (ISACs) is to
advance the physical and cyber security of the
critical infrastructures of North America by
establishing and maintaining a framework for
valuable interaction between and among the ISACs
and with governments.
National Council of ISACs
 Began meeting in 2003 to address common
concerns and cross-sector interdependencies
 Volunteer group of ISACs who meet monthly to
develop trusted working relationships among
sectors on issues of common interest and work
on initiatives of value to CI/KR
Information Sources
Communications
Daily &
Weekly ISAC
Calls
PCIS
ISAC Ops
Centers
ISACs &
Other Sectors
DHS & Other
Government
Partners
National
Council of
ISACs
Private Sector
Liaison At The
NICC
Other Sources
(Hundreds)
ListServ and
Trusted
Relationships
Monthly
Meetings
Best Practice
Sharing - Joint
Statements White Papers
CIP Congress
ENS Calls And
Crisis Calls
Briefings
Financial Services ISAC
Brief Overview and Recent
Incidents in 2011
FS-ISAC Background
The Financial Services Information Sharing
and Analysis Center is:
• A nonprofit private sector initiative
• Designed/developed/owned by financial
services industry
• Lead agency: U.S. Treasury
• Founded in 1999
17
FS-ISAC Membership Growth
4500
4000
3500
3000
2500
2000
1500
1000
500
0
1/1/2004
1/1/2005
1/1/2007
2/1/2009
18
FS-ISAC Information Sharing and Analysis
Tools for Members
• Cyber & Physical alerts
from 24/7 Security Ops
Center
• Briefings/white papers
• Risk Mitigation Toolkit
• Document Repository
• Anonymous Submissions
• Committee Listservs
• Member surveys
• Bi-weekly Threat calls
• Special info sharing
member conference calls
• Crisis Management
process– CMLT, CINS
• Semi-annual conferences
• Webinars
• Regional Program
• Viewpoints
2011 YTD: Recent Incidents
2011 Breaches
• US companies experienced 662 reported data breaches in 2010
• March: RSA Open Letter reveals Advanced Persistent Threat
(APT) attack against its two-factor authentication product
(SecurID)
• April 1: Epsilon data breach
divulged email addresses for
unknown number
– 2,500 corporate clients
– 112 potential companies
Data Breaches
(Identity Theft Resource Center)
RSA Breach
March 11, 2011-Breach detected not public
– Thursday March 17, 2011 story broke
• Threat Intelligence Committee Call
– Friday March 18, 2011
• Cyber UCG call
• NCI call with DHS
• Threat Intelligence Committee Call w/RSA
• FS-ISAC Membership Call w/RSA
• NCI call
– Mitigation Report Working Group Calls
– Mitigation Report
– FS-ISAC, BITS Annual Summit – May 2011
Three Major Initiatives
To Enhance Critical Infrastructure Protection and Resilience
1. Liaison Programs
1. NICC
2. NCCIC
2. Information Sharing Frameworks
1. Directorate
2. CSISF
3. GISF
3. Classified Information Sharing
Who Is The NCCIC?
DHS Office of
Cybersecurity and
Communications (CS&C)
UCG
NCCIC
Liaisons
US CERT
NCC
NCSC
ICSCERT
DHS
I&A
Joint Coordination Center CSISF
• National Security Telecommunications Advisory
Council-NSTAC
• Cross-Sector Cyber Security Collaboration and
Analysis
• Pilot project initially involving the FS-ISAC; IT-ISAC;
Defense Security Information Exchange (DSIE) and
Communications ISAC.
CONTACT
Denise Anderson
VP FS-ISAC, Government & Cross-Sector Programs - FS-ISAC
Vice Chair-National Council of ISACs
danderson@fsisac.us
Download