The Center for Internet Security announced Thursday that it is now offering a suite of endpoint security technologies to state and local governments enrolled in the Multi-State Information Sharing and Analysis Center. The Upstate New York nonprofit, which runs the federally funded MS-ISAC, said this new service could eventually cover more than 14 million devices used by nearly 12,000 members.
CIS’s Endpoint Security Services product contains tools from the cybersecurity vendor CrowdStrike, including endpoint detection and response, USB device monitoring, asset inventory, user monitoring and antivirus software. A CIS blog post states that it’s meant to provide “optimal protection” in the age of hybrid work environments, which many state and local governments have adopted, possibly permanently, since the pandemic began.
“Through the software, devices connected to networks in homes, coffee shops, and other locations are still protected,” the blog reads.
Endpoint security is meant to give cybersecurity officials a more up-to-date view of network activity and extend security measures to the devices themselves.
In a press release, CIS and CrowdStrike executives said this suite of tools will be run out of CIS’s 24-hour operations center in East Greenbush, New York.
“Our vision has always been aligned and we’ve both worked tirelessly over the years to drive innovation into security programs across U.S. SLTT organizations, defending them from today’s most prominent and evolved threats,” James Yeager, CrowdStrike’s vice president for the public sector and health care, said in the press release.
CIS said pricing for the tools depends on the size of a government organization. And while it’s being rolled out now to MS-ISAC members, the tools had previously been made available to members of the Election Infrastructure ISAC, the cybersecurity collective that CIS runs for election administrators.
The endpoint package, while positioned as an add-on service, is one of several new products CIS has offered to members of the MS-ISAC and EI-ISAC in the past two years. In September 2020, the organization added a malicious domain blocking and reporting service to help government organizations identify dangerous web domains and prevent their employees from accessing them. And in June, the MS-ISAC began providing its members with intelligence picked up by information-sharing organizations serving other sectors, including utility providers, health care and the financial industry.