Information Sharing and Analysis Center

Definition

Information Sharing and Analysis Centers (ISAC) are a concept that was introduced and promulgated pursuant to Presidential Decision Directive 63 (PDD-63), signed May 22, 1998. PDD-63 recognized the potential for the critical infrastructures of the United States to be attacked either through physical or cyber means with the intent to affect the military or economic power of the country.

In PDD-63, the federal government asked each critical infrastructure sector to establish sector-specific information sharing organizations to share information, within each sector, about threats and vulnerabilities to that sector. In response, many sectors established Information Sharing and Analysis Centers to meet this need.^[1] They are trusted entities established by critical infrastructure owners and operators.

Table 1 provides a list of functional ISACs.

What is an ISAC?

By definition, an ISAC is a trusted, sector-specific entity which performs the following functions:

• provides to its constituency a 24/7 secure operating capability that establishes the sector’s specific information sharing/intelligence requirements for incidents, threats and vulnerabilities;
• collects, analyzes, and disseminates alerts and incident reports to it membership based on its sector-focused subject matter analytical expertise;
• helps the government understand impacts for its sector;
• provides an electronic, trusted capability for its membership to exchange and share information on cyber, physical and all threats in order to defend the critical infrastructure; and
• share and provide analytical support to government and other ISACs regarding technical sector details and in mutual information sharing and assistance during actual or potential sector disruptions whether caused by intentional, accidental or natural events.

Why ISACs?

• ISACs have unique capabilities to provide comprehensive sector analysis and have the ability to reach extensively within their sectors, with other sectors, and with government to share critical information.
• ISACs comprehensively respond to all aspects of security and “all hazards.” Critical technical, IT/cyber, and physical infrastructures and cross-sector interdependencies are analyzed and addressed.
• After many years of experience, especially during events of national significance, ISACs have demonstrated successes in providing operational services such as risk mitigation, incident response, and information sharing that protects the nation’s critical infrastructures.
• ISACs have a track record of responding to and sharing actionable and relevant information more quickly than the Department of Homeland Security and doing so in an accurate manner.
• ISACs empower business resiliency through security planning, disaster response and execution. Most ISACs, by definition, have 24/7 threat warning, incident reporting capabilities which are critical to the success of protecting critical infrastructure.

Specific ISACs

The following are statistics regarding a select number of the ISACs’ reach within their respective sectors:

• Communications ISAC The DHS National Coordinating Center partners with the private sector in the ISAC and provides 24x7 operational support. Members include communications equipment and software vendors, 95% of wireline communications providers, 90% of wireless communications providers, including satellite providers, and 90% of Internet service provider backbone networks.
• Electricity Sector ISAC (ES-ISAC) is part of the North American Electric Reliability Corporation[1] (NERC), the ES-ISAC's coverage, direct to a given bulk power system entity or via the 18 Reliability Coordinators covers the entire continental United States and Canada and is virtually 100%. The ES-ISAC is also working on developing the necessary communication and participation with non-bulk power system entities (i.e. smaller electric distribution organizations) to include relationships with their critical suppliers.
• Financial Services ISAC (FS-ISAC) has over 4,200 direct members and through 30 member associations, has the ability to reach 99% of the banks and credit unions and 85% of the securities industry, and nearly 50% of the insurance industry.
• Information Technology ISAC (IT-ISAC) through its members reaches 90% of all desktop operating systems, 85% of all databases; 76% of the global microprocessor market; 85% of all routers and 65% of software security.
• Multi-State ISAC (MS-ISAC) includes all 50 States, the District of Columbia, four U.S. Territories many local governments. Additionally, the MS-ISAC continues to broaden its local government's participation to include all of the approximate 39,000 municipalities.
• Public Transit ISAC (PT-ISAC) The American Public Transportation Association (APTA) was designated by the US Department of Transportation as the sector coordinator for the US public transit industry. In this role APTA created the PT-ISAC to serve the needs of the industry. APTA's members serve more than 90% of persons using public transportation in the United States and Canada.
• Real Estate ISAC (RE-ISAC)
• Research & Education ISAC (REN-ISAC)
• Surface Transportation ISAC (ST-ISAC). In 2002, at the request of the Secretary of Transportation, the Association of American Railroads created the ST-ISAC. The ST-ISAC supports 95% of the North American freight railroad infrastructure.
• Water ISAC currently provides security information to water and wastewater utilities that provide services to more than 65% of the American population.

References

1. More information on ISACs can be found here.