MS-ISAC members get access to other industries’ cyber intel
State and local government agencies that belong to the Multi-State Information Sharing and Analysis Center, the federally backed organization that shares cybersecurity tools and intelligence, can now get insights from other industries, including the financial, health and utility sectors, through a new partnership between the MS-ISAC and the consulting firm Deloitte.
Deloitte and the Center for Internet Security, the nonprofit group that operates the MS-ISAC, announced last week that members will now get free access to a Deloitte website that collects information about cyber threats affecting the company’s clients across many practice areas. The Detect and Respond Portal, as the site is known, is usually a paid product used by information security professionals working for Deloitte’s corporate clients.
Doug Powers, a managing director in Deloitte’s cyber risk practice, told StateScoop the decision to make it free to MS-ISAC members was fueled by government cybersecurity officials who said they needed a clearer view of the threats facing other sectors with which they frequently interact.
“ISACs are all well and good, but the adversaries exploit across industries,” he said. “Where the nexus of that comes together is state and local governments. They are working with hospitals, transportation, finances. They hit every industry.”
There are a range of ISACs for a wide variety of non-government fields, with some of the most active including organizations representing the energy, health and financial industries, but Powers said there’s little crossover.
“When it’s the MS-ISAC, it’s limited to that [government] sector.”
Deloitte’s portal, he said, allows users to see threat information categorized by sector, malicious actor or system that could be affected by a specific threat. And opening it to the MS-ISAC could bring in a bigger user base — the organization last year surpassed 10,000 members. So far, Powers said, 837 members — including state and local agencies, universities and K-12 school districts — have logged on.
The security conditions imposed by the COVID-19 pandemic, he said, helped fuel the decision to make the site more widely available, as widespread remote work made government networks more susceptible to attacks.
“COVID came along, remote work spiked, we saw adversaries doing phishing attacks on [employees’ personal] devices,” he said. “The world’s changed. We were watching states and locals get compromised. We’re citizens too.”
He also said the new portal access is a response to the biennial surveys Deloitte conducts of state chief information security officers on behalf of the National Association of State Chief Information Officers. In the most recent version of that report, published last October, CISOs said they wanted to increase their intelligence and knowledge sharing.
“This is putting feet on it at the next level,” Powers said. “This gives them visibility into threats and timeliness.”
