A key network of partnerships to better protect a range of infrastructure sectors marks its 15th year of progress by continuing to build upon a framework for valuable private-to-private and private-to-public security and awareness coordination.
The National Council of Information Sharing and Analysis Centers (NCI), a cross-sector partnership providing a forum for sharing cyber and physical threats and mitigation strategies for the critical infrastructure, consists of critical infrastructure sector-based information sharing and analysis centers (ISACs).
ISACs have their roots in the 1998 Presidential Decision Directive-63, which directed federal agencies to encourage industry sectors to establish organizations to share security threat and vulnerability information with critical infrastructure owners and operators and the federal government. The role of ISACs was subsequently reinforced in the 2013 National Infrastructure Protection Plan (NIPP-2013) and in recent executive orders.
The first ISAC was established in 1999, and in 2003 the National Council of ISACs was formed by a handful of member ISACs. NCI works to advance the physical and cyber security of U.S. critical infrastructure among its 23 members including 21 nonprofit, sector-based ISACs, which provide stakeholders with trusted forums for sharing alerts and analysis, subject matter expertise, best practices and mitigation resources. These groups specialize in cybersecurity, physical security or both, and many are the designated operational arms of their sectors working in coordination with the Sector Coordinating Councils. Member ISACs serve a range of sectors, from automotive to energy and from financial services to water, with defense, telecommunications, retail and many others in between. A number of ISACs have global operations and memberships.
“The NCI is a true cross-sector partnership,” said Denise Anderson, NCI’s chair and the president of the National Health ISAC (NH-ISAC). “The sectors supported by the ISACs are crucial to the well-being of the United States and the global community. NCI’s goal is to bring the ISACs together and tap expertise in the private sector and the government to enhance security and improve recovery in the event of incidents and disasters.”
“The fact that NCI is celebrating 15 years this year goes a long way to show how important ISACs are to their communities,” she continued. “The NCI and its member ISACs continue to grow and thrive and I am honored to serve the NCI and work with such an outstanding group of organizations and individuals.”
In more recent years, through the council’s Operational Coordination Forums, ISACs, federal agencies and other partners join together to identify actions that can be taken to improve coordination during steady-state and incidents to better support cross-sector critical infrastructure security and resilience.
At the NCI, member ISACs confer and collaborate with each other daily, weekly and monthly via conference calls, listservers and in-person meetings on cyber and physical threats seen in their sectors. During incidents requiring cross-sector response, member ISACs work together and with government partners to facilitate response and recovery.
The council also conducts and participates in cross-sector exercises, works with the National Infrastructure Coordinating Center (NICC) and the National Cybersecurity and Communications Integration Center (NCCIC) during steady-state and incidents, hosts emergency calls as needed and develops joint white papers on threats. The NCI also has been a leader and a force in promoting the use of automated cyber threat indicator sharing by ISACs and infrastructure owners and operators.
“NCI is looking toward to the future,” Anderson added. “NCI’s membership will continue to grow as new ISACs form, and NCI’s capabilities will continue to evolve to meet the growing security threats critical infrastructure faces.”