The National Infrastructure Advisory Council (NIAC) in its report entitled "Public-Private Sector Intelligence Coordination" identified the value to the nation of private sector information sharing and analysis through four case studies. The report reviewed information sharing and analysis during four events: the August 2003 Blackout, the July 2004 Financial Services Threat Alert, the July 2005 London Bombings, and the October 2005 New York Public Transit Threat Alert.
Lessons learned Edit
The report cited conclusions and lessons learned from these four events, including:
- In this age of continuing terrorist threats to U.S. interests, the Federal government must engage the private sector early in analyzing and disseminating information and intelligence. Private sector expertise is critical in knowing what information is important, knowing who to contact with the information, and knowing what action to take as a result.
- Existing communication architectures among private/public sector organizations are useful for information sharing and analysis. The private sector possesses a profound understanding of cybersecurity. Subject matter experts can analyze network information quickly and accurately to support analysis.
- It became clear early on August 15, 2003 that coordination between the Electricity Sector Information Sharing and Analysis Center (ESISAC) and the Information Technology Information Sharing and Analysis Center (IT-ISAC) provided enough assurance to electric sector investigators to allow them to focus on physical causative factors and restoration. The cyber investigation led by the Department of Homeland Security (DHS) confirmed these initial findings.
- During the London bombing incidents, DHS and other government information shared with critical infrastructure owner/operators lagged between three and four hours compared to information disseminated by the ISACs with the notable exception of NYPD Shield. In addition, initial reporting to other possibly affected sectors was from the PT/ST-ISAC.