Network Security Information Exchanges (NSIE) allow Industry and Government to voluntarily share sensitive information on threats to operations, administration, maintenance, and provisioning systems supporting the telecommunications infrastructure. Government NSIE members include departments and agencies that use National Security/Emergency Preparedness (NS/EP) communications services, represent law enforcement, or have information relating to network security threats and vulnerabilities.
In May 1991, the National Security Telecommunications Advisory Committee (NSTAC) finalized the charters for the NSIE, and Government and industry designated their NSIE representatives, chairmen, and vice-chairmen. The first meeting of the NSIEs was held in June 1991. NSIE representatives include industry subject matter experts engaged in prevention, detection, and/or investigation of communications software penetrations or who have security and investigative responsibilities.
The two NSIEs, the NSTAC NSIE and the Government NSIE, each have separate charters and memberships, but they meet jointly to share information. Members voluntarily share information related to threats, incidents, and vulnerabilities affecting PN software. This information includes attempted or actual penetrations or manipulations of software, databases, and systems related to critical NS/EP telecommunications. NSIE members are expected to share information on —
- new intrusion activities or updates to previously discussed intrusion activities
- vulnerabilities with the potential to result in intrusions or put systems at risk
- vulnerabilities with the potential to allow authorized users to exceed permission or unintentionally damage a system, its information, or performance
- significant new malicious code
- hacker skills, tools, or new methods of attack
- threats to the public networks
- security policies, processes, or procedures found to be useful in mitigating significant security risks
- problems with the potential to affect the availability, confidentiality, or integrity of infrastructure systems, and
- new or ongoing law enforcement cases regarding intrusions into communications and information system networks.
The NSIE holds multilateral exchange meetings with its counterparts from the United Kingdom, Canada, Australia, and New Zealand.
- Overview section: Telecommunications Outage and Intrusion Information Sharing Report , at 20-21.