MSISAC

1 / 36

About This Presentation

Title:

MSISAC

Description:

Services driven to state needs and have expanded since inception ... development of new or identification of existing cyber security education, ... – PowerPoint PPT presentation

Number of Views:44

Avg rating:3.0/5.0

Slides: 37

Provided by: eva138

more less

Transcript and Presenter's Notes

Title: MSISAC

1
MS-ISAC

Theresa Masse, Chief Information Security Officer
State of Oregon

2
ISACs

Information Sharing and Analysis Centers
Created in 1998 in response to a Presidential
Decision Directive
Public and private sector partnerships created to
share information about physical and cyber
threats, vulnerabilities, events to protect
critical infrastructure
Represent 14 critical infrastructures

3
MS-ISAC

Multi-State Information Sharing and Analysis
Center formed in 2003
Funded by the US Department of Homeland Security
Works collaboratively with a number of
organizations and other ISACs
First government entity to become a member of the
National ISAC Council

4
MS-ISAC

Focused originally on state government
Current focus includes local government
(counties, cities, municipalities, townships)
Services driven to state needs and have expanded
since inception
Oversight and staff support provided by the State
of New York

5
Mission

The mission of the MS-ISAC is to provide a
common mechanism for raising the level of cyber
security readiness and response in each state and
with local governments. The MS-ISAC provides a
central resource for gathering information on
cyber threats to critical infrastructure from the
states and providing two-way sharing of
information between and among the states and with
local government.

6
Major Objectives

Disseminate early warnings of cyber system
threats
Share security incident information
Provide trending and other analysis for security
planning
Distribute current proven security practices and
suggestions
Promote awareness of the interdependence between
cyber and physical critical infrastructure, as
well as between and among different sectors

7
Early warnings of threats

www.msisac.org/advisories
Advisories include
Overview
Systems affected
Risk levels for government, business, home users
Recommendations
References

8
Early warnings of threats
9
Dashboard

www.msisac.org/dashboard

10 Ten Ports Under Attack
DHS/ISAC Current Alert Levels
Top 10 Attacking IPs
Top Attacking IPs Locations
Latest Viruses, News and Advisories
Top 5 Countries -Cyber Attacks in US
US Time Zone Information
How To and Help

10
Cyber Security Awareness

Monthly Security Tips Newsletter

11
Cyber Security Awareness

oregon.gov/DAS/EISPD/ESO/pub.shtml

12
SANS Training

SANS training at greatly reduced prices
Class System Forensics, Investigation and
Response (SEC508)
Training only 995 (list price 3,445)
Training and 1 GIAC Certification Exam Attempt
1,395
Training and 1 Proctored GIAC Certification Exam
Attempt 1,445 (Please note proctored exam is
applicable to the SANS Masters degree)

13
SANS Training

New SANS OnDemand 2
Courses Being Offered
Class MGT414 SANS S Training Program for the
CISSP Certification ExamMS-ISAC Price 895
Class SEC504 Hacker Techniques, Exploits and
Incident HandlingMS-ISAC Price 895
SANS OnDemand MGT 414 and SEC504MS-ISAC
Discount extended from June 30, 2007 to July 13,
2007

14
Computer-Based Training
15
Sentinel Training

http//www.sentinelproject.net/about.html
Coming to Portland Sept. 24-28
Two courses available
Cybersecurity Prevention, Deterrence Recovery
Cybersecurity Incident Handling Response

16
Sentinel Training

Prevention, Deterrence, Recovery
This class is designed primarily for public
safety employees who assist or maintain computer
and network operations for their organization.
Subjects include detection (e.g., anti-virus
programs), interdiction (e.g., passwords, system
patches, firewalls), critical infrastructure
protection (e.g., e-mail attachments, program
downloads and installation, back-up policies,
file and folder security), and information
sharing (e.g., secure transfer of XML data).

17
Sentinel Training

Incident Handling Response
This class is designed primarily for technical
investigators and first responders. Students will
be taught techniques to trace intrusions back to
their source, methods for dealing with malicious
computer viruses and Trojans, and what
governmental agencies can provide as assistance
and resources. As part of a class exercise, real
world examples and problems will be stored on
servers for the participants to investigate in
order to acquire real-world, hands-on training.
Some of the subjects for this class will include
log collection and analysis, network forensics,
IP tracing, digital interception, technology
laws, network security, and digital interception.

18
National Webcast Initiative

In partnership with DHS National Cyber Security
Division
Series of national webcasts that examine critical
and timely cyber security issues
Available to a broad audience
All sessions are recorded and archived for
viewing (www.msisac.org/webcast/)

19
National Webcast Initiative

Upcoming webcasts
8/22 Keeping your Broadband Internet Connection
Secure
10/17 Kids Safe Online
12/19 BotNets

20
National Webcast Initiative

Recent webcasts
6/20/07 Security Policy Enforcement Secure
Network Access
4/18/07 Mobile Security and Encryption
2/15/07 Digital Forensics for Organizations
12/14/06 Cyber Security What Does the Future
Hold?

21
Services highlights

Distribution of cyber security advisories and
bulletins
Public Web site
Participation in cyber exercises
Development of common incident response and cyber
alert level protocols
Support National Cyber Security Awareness Month
Collaboration

22
Public Web site

www.msisac.org

23
Alert level protocols

See example at www.cscic.state.ny.us/alertlevel/

24
Cyber Security Awareness

Support and promotion of National Cyber Security
Awareness Month

Public Service Announcements
25
Cyber Security Awareness

Toolkit of awareness materials sent to members
annually in the fall

26
Legislative Resources

www.msisac.org/legnews

27
Local Government Resources

www.msisac.org/localgov

28
MS-ISAC Workgroups

Cyber Exercise
Legislative
Outreach and Marketing
Procurement
Operations
Education and Awareness
Metrics and Compliance

29
Cyber Exercise

Objective Focused on facilitating cyber exercise
programs for MS-ISAC and states participation

30
Legislative

Objective Focused on tracking all major
legislation, rules and regulations across the
country relating to cyber security issues, and
recommending relevant cyber security legislation
for the MS-ISAC to support.

31
Outreach and Marketing

Objective Focused on recommending strategies for
distribution of cyber security education,
training and awareness content as well as cyber
alerts and advisories to states and localities.
Also focused on marketing of the MS-ISAC services
and programs.

32
Procurement

Objective Focused on assisting state governments
in identifying strategies or procurement of goods
and services related to cyber security
initiatives facilitating opportunities for state
and local joint procurement as well as
identifying and recommending available grant
opportunities.

33
Operations

Objectives Focused on strategies for operational
cyber security initiatives both within the
MS-ISAC, as well as the state level. This
includes recommendations of standards and
procedures for incident reporting and response.

34
Education and Awareness

Objective Focused on recommending development of
new or identification of existing cyber
security education, awareness and training
content for states and localities. This includes
recommendation of MS-ISAC program for annual
National Cyber Security Awareness Month.

35
Metrics and Compliance

Objective Focused on recommending and
implementing methodologies to help states with
cyber security metrics and compliance inventory,
assessment and audit of their cyber security
assets.

36
Summary