MS-ISAC members from 45 states, 3 U.S. territories and dozens of local governments met on August 20, 2012, to share ideas and identify solutions to address Advanced Persistent Threat and other cyber security challenges.
The Multi-State Information Sharing and Analysis Center (MS-ISAC), a division of the not-for-profit Center for Internet Security, commenced its Ninth Annual Meeting Monday morning in Atlanta, Georgia.
The event brought together state Chief Information Security Officers and other cyber security professionals from the nation's state, local and territorial governments, along with representatives from the U.S. Department of Homeland Security and industry experts for briefings on current cyber threats, hands-on workshops and best practice sessions.
More than 160 MS-ISAC members, speakers and partners are participating. The event is held in conjunction with the GFIRST Annual Conference, hosted by the United States Computer Emergency Readiness Team (US-CERT).
William Pelgrin, MS-ISAC founder and chair, opened the session with highlights of the MS-ISAC's accomplishments, including the expansion of the MS-ISAC 7 x 24 Cyber Security Operations Center, through which malicious activity is detected and the public sector alerted; deployment of full-time staff to the federal cyber security operational center (the National Cybersecurity and Communications Integration Center); and increase in the level of MS-ISAC participation from local governments.
Howard Schmidt, former White House Cyber Security Coordinator, provided the keynote address and engaged the attendees in an interactive discussion about the challenges facing state and local governments.
The opening session also included the installation of Jim Richards, West Virginia Chief Information Security Officer, to the MS-ISAC Executive Committee. Jim was elected by his MS-ISAC colleagues and joins the following current members of the Executive Committee:
- Christopher Buse - Chief Information Security Officer, State of Minnesota
- Joseph Frohlich - IT Director, Ravalli County, Montana
- Tim Guerriero - Director, Access & Threat Assessment/Response Group, Commonwealth of Massachusetts
- Arnold Kishi - Program Advisor, State of Hawaii, Department of Accounting and General Services, Information and Communication Services Division
- Theresa Masse - Chief Information Security Officer, State of Oregon
- William Pelgrin - Chair, MS-ISAC
- Lynne Pizzini - Information Security Officer, State Information Technology Services Division, State of Montana
- Chris Rodgers - Commissioner, Douglas County, Nebraska
- Mike Russo - Chief Information Security Officer, State of Florida
- Elayne Starkey - Chief Information Security Officer, State of Delaware
Advanced Persistent Threat (APT) was a key focus of the sessions at this year's MS-ISAC Annual Meeting. APT refers to a long-term pattern of targeted hacking attacks using subversive and stealthy means to gain continual, persistent access in order to exfiltrate intellectual capital. The entry point for APT is often the unsuspecting end-user or weak perimeter security.
Phishing scams targeting police departments across the nation, disgruntled employees hacking into municipal networks, and public health records being stolen by cyber criminals are just a few of the challenges state and local governments have faced recently.
"I thank the MS-ISAC members for their continued commitment to addressing these challenges and working to improve our collective cyber posture," said Pelgrin, who is also president and CEO of CIS.
"The collaboration with the members and our partnership with the U.S. Department of Homeland Security's National Cyber Security Division are the keys to our success in providing a trusted cyber resource for this country's state, local and territorial governments."
Sessions during the three-day Annual Meeting also cover topics including identity and access management, disaster preparedness, bring your own device, and implementation of cost-effective cyber solutions.
About the Multi-State Information Sharing and Analysis Center: The Multi-State Information Sharing and Analysis Center (MS-ISAC), a division of the not-for-profit Center for Internet Security, is the focal point for cyber threat prevention, protection, response and recovery for the nation's state, local, territorial and tribal governments. The MS-ISAC 24x7 cyber security operations center provides real-time network monitoring, early cyber threat warnings and advisories, vulnerability identification and mitigation, and incident response. The MS-ISAC coordinates closely with the U.S. Department of Homeland Security through its National Cyber Security Division.
About the Center for Internet Security: The Center for Internet Security (CIS) is a not-for-profit organization whose mission is to enhance the cyber security readiness and response of public and private sector entities, with a commitment to excellence through collaboration. CIS comprises three divisions: the Multi-State Information Sharing and Analysis Center, which serves as a key cyber security resource for the nation’s state, local, territorial, and tribal (SLTT) governments; the Security Benchmarks Division, which provides consensus best practice standards for security configurations; and the Trusted Purchasing Alliance, which serves SLTT governments and not-for-profits in achieving a greater cyber security posture through trusted expert guidance and cost-effective procurement.