Karen Sorady is the Vice President of MS-ISAC Member Engagement at the Center for Internet Security (CIS). Prior to joining CIS, she was New York State’s Chief Information Security Officer. Karen’s public sector career spans more than 30 years with a wealth of experience in government cybersecurity and information technology.
The cybersecurity threats that state, local, tribal and territorial governments are facing may seem overwhelming, but no leader should feel like they are alone in this fight. In fact, there is a large community of leaders who understand exactly what their peers are going through, and who are willing to share threat intelligence and cybersecurity strategies.
The Multi-State Information Sharing and Analysis Center (MS-ISAC) is an organization built on the idea that a community is stronger when it stands together. Originally founded by states, for states, the organization has grown to include more than 14,000 members from across state, local, tribal and territorial governments and their agencies. The center’s members believe in working together and learning from one another to defend against common threats.
The group advocates for a defense-in-depth approach to security, which calls for layering defenses across an organization’s IT infrastructure. What is unique to the MS-ISAC’s approach is that it calls for community as a key pillar of the defense strategy.
Community as a first layer of defense
While there is no such thing as an impenetrable cyber defense, applying successive layers of protection provides the best possible defense against sophisticated cyber threats. Adding community as the first layer of defense is invaluable, especially for organizations that have limited resources for their security operations.
The MS-ISAC, which is a division of the Center for Internet Security (CIS), was started back in 2002 by a group of states that recognized the need for better methods of information sharing and collaborative approaches to threat mitigation. It has grown exponentially since then and boasts the largest knowledge base of threats impacting state, local, tribal and territorial (SLTT) governments in the country today.
Access to that knowledge base is critical for leaders in the SLTT community with varying levels of security maturity and expertise to deal with known threats. Since it is quite likely that somebody else has dealt with the issue before, accessing peer knowledge through the MS-ISAC can help security leaders solve certain challenges at a quicker pace than if they had tried to do it on their own.
The exponential membership growth in recent years allows the MS-ISAC to expand to other communities of practice within the SLTT community, such as K-12 schools, public utilities, law enforcement, healthcare, transportation and more.
More recently, as the MS-ISAC develops the structure of smaller communities of practice, those groups are able to share access to threat data and lessons learned with organizations that have a similar risk profile and the same unique challenges.
Homing in on best practices
A defense-in-depth strategy is a strong approach to defending an organization’s data and IT infrastructure. But for SLTT organizations that are not equipped with the necessary budget and technical skills, implementing the appropriate tools and policies at the right layers can be overwhelming.
Working with the MS-ISAC helps leaders prioritize the best practices that will help the organization meet critical security standards and build up defenses against modern threats.
Two essential layers of defense-in-depth include adopting a security framework and implementing cyber hygiene. But CIS also provides globally recognized best practices, the CIS Critical Security Controls, which are mapped to the NIST Cybersecurity Framework and designed to meet the bottom-line protections that everyone should be implementing. These controls have proven to be effective in stopping between 77% and 86% of common cyberattack methods.
Membership in the MS-ISAC is available at no cost to any U.S. state, local, tribal and territorial government. A number of no- and low-cost services are included in the membership, such as security monitoring from a shared SOC and access to up-to-date threat intelligence. One of the biggest benefits, of course, is access to a robust cybersecurity knowledge base informed by peer organizations and more than 200 intelligence sources.
We are all facing the same global cyber threats, but no organization should ever feel like they are facing these threats alone. Learn more about how to join the MS-ISAC to access a community and resources to learn best practices in dealing with cybersecurity threats that affect state, local, tribal and territorial government agencies.