Name:National Council of ISACs
The National Council of ISACs, formerly known as the ISAC Council, was formed in 2003 when a volunteer group of ISAC representatives
decided to meet monthly to develop trusted relationships among the sectors, and address common issues and concerns.
- Information Sharing and Analysis Centers (ISAC): ISACs are trusted entities established by Critical Infrastructure Key Resource (CI/KR) owners and operators to provide comprehensive
sector analysis, which is shared within the sector, with other sectors, and with government. ISACs take an all-hazards approach
and have strong reach into their respective sectors, with many reaching over 90 percent penetration. Services provided by
ISACs include risk mitigation, incident response, alert and information sharing. The goal is to provide users with accurate,
actionable, and relevant information. Member benefits vary across the ISACs and can include: access to a 24/7 security operations
center, briefings, white papers, threat calls, webinars, and anonymous CIKR Owner/Operator reporting.
- NC-ISAC Officers
- Denise Anderson: Financial Services ISAC, Chair
- Scott Algeier: Information Technology ISAC, Vice-Chair
- Josh Poster: Surface Transportation ISAC, Secretary
- NC-ISAC Committees
- NC-ISAC Education and Outreach Committee
- Sam Lombardo: EMR ISAC, Co-Chair
- NC-ISAC Operations Committee
- Scott Algeier: IT-ISAC - Co-Chair
- Denise Anderson: FS-ISAC, Co-Chair
- Member ISACs
- Communications ISAC: The Communications ISAC mission is to facilitate voluntary collaboration and information sharing among government and industry
in support of Executive Order 12472 and the national critical infrastructure protection goals of Presidential Decision Directive
63 (PDD-63); to gather information on vulnerabilities, threats, intrusions, and anomalies from multiple sources and perform
analysis with the goal of averting or mitigating impact upon the telecommunications infrastructure.
- ES-ISAC: The ES-ISAC serves the Electricity Sector by facilitating communications between electricity sector participants, federal
governments, and other critical infrastructures. It is the job of the ES-ISAC to promptly disseminate threat indications,
analyses, and warnings, together with interpretations, to assist electricity sector participants take protective actions.
- EMR ISAC: The mission of the EMR ISAC is to collect and analyze critical infrastructure protection and resilience information having
potential relevance for Emergency Services Sector departments and agencies and to synthesize and disseminate the information
to leaders, owners, and operators of the emergency services.
- FS-ISAC: The FS-ISAC is the only industry forum for collaboration on critical security threats facing the financial services sector.
When attacks occur, early warning and expert advice can mean the difference between business continuity and widespread business
catastrophe. Members of the Financial Services Information Sharing and Analysis Center (FS-ISAC) receive timely notification
and authoritative information specifically designed to help protect critical systems and assets from physical and cyber security
- NH-ISAC: The NH-ISAC serves to protect the nation's healthcare and public health critical infrastructure against security threats and
vulnerabilities. The mission of the NH-ISAC is to ensure and preserve the public trust by advancing the integrity and cybersecurity
protection of the nation's healthcare and public health sector's critical infrastructure.
- IT-ISAC: The Information Technology Information Sharing and Analysis Center (IT-ISAC) is a trusted community of security specialists
from companies across the Information Technology industry dedicated to protecting the Information Technology infrastructure
that propels today's global economy by identifying threats and vulnerabilities to the infrastructure, and sharing best practices
on how to quickly and properly address them. The IT-ISAC also communicates with other sector specific ISACs, enabling members
to understand physical threats, in addition to cyber based threats. Taken together, these services provide members a current
and coherent picture of the security of the IT infrastructure
- Maritime Security ISAC: The Maritime Security ISAC, is a non-profit, member driven organization representing ocean carriers, cruise lines, port facilities
and terminals, logistics providers, importers, exporters and related maritime industries throughout the world. Our mission
is to advance the security of the United States and the international maritime community by representing maritime interests
before government bodies; acting as liaison between industry and government; disseminating timely information; encouraging
and assisting in the development of industry-specific technologies; and convening educational and informational conferences
for our membership and government partners.
- MS-ISAC: The Multi-State Information Sharing and Analysis Center (MS-ISAC) is a collaborative state and local government-focused cyber
security entity that is significantly enhancing cyber threat prevention, protection, and response and recovery throughout
the states of our nation. The mission of the MS-ISAC is to provide a common mechanism for raising the level of cyber security
readiness and response in each state/territory and with local governments. The MS-ISAC provides a central resource for gathering
information on cyber threats to critical infrastructure and providing two-way sharing of information between and among the
states, territories and with local government.
- Nuclear Energy Institute: The Nuclear Energy Institute (NEI) is the policy organization of the nuclear energy and technologies industry and participates
in both the national and global policy-making process. NEI's objective is to ensure the formation of policies that promote
the beneficial uses of nuclear energy and technologies in the United States and around the world.
- PT-ISAC: The PT-ISAC is a trusted, sector-specific entity which provides to its constituency a 24/7 Security Operating Capability that
established the sector's specific information/intelligence requirements for incidences, threats and vulnerabilities. Based
on its sector-focused subject matter analytical expertise, the ISAC then collects, analyzes, and disseminates alerts and incident
reports It provides to its membership and helps the government understand impacts for their sector. It provides an electronic,
trusted ability for the membership to exchange and share information on all threats, physical and cyber, in order to defend
public transportation systems and critical infrastructure. This includes analytical support to the Government and other ISACs
regarding technical sector details and in mutual information sharing and assistance during actual or potential sector disruptions,
whether caused by intentional or natural events.
- Real Estate ISAC: Since the World Trade Center Attacks in September 2001, high-profile office properties, apartment buildings, shopping malls
and hotels all have been identified as potential terrorist targets at one time or another. In response, industry organizations
have worked with government officials to prevent, detect and respond to terrorist threats and malicious incidents. The Real
Estate ISAC, a not-for-profit organized by The Real Estate Roundtable and announced in February 2003, represents both a coordinated
and an elevated response to these issues. The ISAC is a public-private partnership between the U.S. real estate industry and
federal homeland security officials. The partnership facilitates information sharing on terrorist threats, warnings, incidents,
vulnerabilities and response planning - to counter terrorism and protect buildings and the people who occupy and use them.
- REN-ISAC: The REN-ISAC mission is to aid and promote cyber security operational protection and response within the higher education
and research (R&E) communities. The mission is conducted within the context of a private community of trusted representatives
at member institutions, and in service to the R&E community at-large. REN-ISAC serves as the R&E trusted partner for served
networks, the formal U.S. ISAC community, and in other commercial, governmental, and private security information sharing
- SC-ISAC: The Supply Chain ISAC offers the most comprehensive forum for collaboration on critical security threats, incidents and vulnerabilities
to the global supply chain. Its mission is to facilitate communication among supply chain dependent industry stakeholders,
foster a partnership between the private and public sectors to share critical information, collect, analyze and disseminate
actionable intelligence to help secure the global supply chain, provide an international perspective through private sector
subject matter experts and help protect the critical infrastructure of the United States.
- ST-ISAC: The ST-ISAC was formed at the request of the Department of Transportation. The ISAC provides a secure cyber and physical security
capability for owners, operators and users of critical infrastructure. Security and threat information is collected from worldwide
resources, then analyzed and distributed to members to help protect their vital systems from attack. The ISAC also provides
a vehicle for the anonymous or attributable sharing of incident, threat and vulnerability data among the members. Members
have access to information and analytical reporting provided by other sources, such as the U.S. and foreign governments; law
enforcement agencies, technology providers and international computer emergency response teams (CERTs).
- WaterISAC: The Water Information Sharing and Analysis Center (WaterISAC) was authorized by Congress in 2002 and created and managed by
the water sector. Its mission is to keep drinking water and wastewater utility managers informed about potential risks to
the nation's water infrastructure from contamination, terrorism and cyber threats. The mission has been expanded to help utilities
respond to and recover from all hazards. Funded by subscriber fees and matching federal funds, WaterISAC links members through
a secure online portal. The subscriber base includes water utilities and state and federal agencies dealing with security,
law enforcement, intelligence, the environment and public health.