Online: | |
Visits: | |
Stories: |
Story Views | |
Now: | |
Last Hour: | |
Last 24 Hours: | |
Total: |
WireService.co
LIGHTNING RELEASES: Kennedy Space Center, FL – Friday, February 13, 2015 – Through a Presidential Executive Order released today by the office of the Press Secretary, the White House issued a strong directive to the private and public sector that increased threat data sharing is not just a desired element used to battle cyber security risks; it is essential.
NH-ISAC was acknowledged in the Presidential Executive Order: Information Sharing and Analysis Centers (ISAC’s) are still considered the “Essential drivers of effective cybersecurity collaboration”.
In addition to ISAC’s, the Executive Order also acknowledges a need for wider distribution of cyber intelligence across the private sector through the development of ISAO’s or Information Sharing and Analysis Organizations.
Reid Stephen, Director of IT Security at St. Luke’s Health System, complimented the Executive Order’s call for greater dissemination of information. “Information sharing is essential to elevating the cyber security posture of all entities. The rapid sharing of information in the wake of the recent Anthem data breach offers evidence of the effective model the ISACs already have in place. Legislation of information sharing will be most effective if it builds on and amplifies the proven cyber security information sharing that is already occurring.”
The Executive Order facilitates the increased sharing of threat data by “streamlining the mechanism for the National Cybersecurity and Communications Integration Center (NCCIC) to enter into information sharing agreements with ISAO’s”.
As a long-term participant in the National Council of ISAC’s, the NH-ISAC sees the Executive Order as a compliment to existing data sharing entities, which will enhance not limit existing collaboration between the private sector and Government.
Jim Routh, Board member of NH-ISAC, added, “Sharing cyber security intelligence and information is an essential part of any risk-based information security program that contributes to faster cybersecurity response as well as more effective preventative practices and controls. Using ISACs as the primary vehicle for improving industry resiliency has a demonstrated track record of success.”
An important data-sharing element disclosed today is that the Department of Homeland Security is now charged by the Executive Order to have the regulatory ability to “…ensure that information sharing entities can appropriately access classified cybersecurity threat information”.
The NH-SAC has in place an ongoing executed Cooperative Research and Development Agreement (CRADA) with the Department of Homeland Security. NH-ISAC maintains analysts to work with the U.S. Department of Homeland Security to support security situational awareness intelligence, information sharing, incident response, research and other collaborative initiatives.
In addition, the NH-ISAC augments its analytical efforts through its Threat Intelligence Platform to proactively isolate threat indicators reducing human interpretation and it can share that information using its automated collaborative platform with its Healthcare Members, other ISACs and other trusted intelligence partners.
When asked for her perspective, Board Member of NH-ISAC, Jeannie Larson, said, “We agree that this announcement will strengthen the ISACs’ role as the lead organization for sector specific information sharing and also encourages ISAOs to work with their respective ISACs to improve information sharing for the constituencies they serve.”
By this Executive Order, Department of Homeland Security is now funded to develop a baseline of voluntary security standards for data sharing organizations. This will increase the trust levels between intelligence entities and potential private sector members as well as speed the collaboration between data sharing entities.
Deborah Kobza, CGEIT,JIEM, Founder/Executive Director and CEO of NH-ISAC, concluded, “We are thrilled the Executive Order recognizes the foundational role we have played in information sharing and we look forward to being part of a larger network of ISAO’s facilitated by standardized cybersecurity information interaction with DHS and NCCIC.”