What is an ISAC or ISAO? How These Cyber Threat Information Sharing Organizations Improve Security
July 10, 2019
Mo Moin (1772 articles)
Share

What is an ISAC or ISAO? How These Cyber Threat Information Sharing Organizations Improve Security

An Information Sharing and Analysis Center (ISAC) is an industry-specific organization that gathers and shares information on cyber threats to critical infrastructure. ISACs also facilitate the sharing of data between public and private sector groups.

ISACs were established under a presidential directive in 1998 to enable critical infrastructure owners and operators to share cyber threat information and best practices. Besides being sector specific, most ISACs are comprised of large companies with a different set of priorities and challenges than a vast majority of smaller organizations and entities, according to Michael Echols, CEO of the International Association of Certified ISAO’s (IACI) at the Kennedy Space Center.

Many ISACs are well resourced, come with membership fees and have infrastructure and full-fledged security operations centers for monitoring threats on a global scale. The National Council of ISACs currently lists 21 member ISACs including those for the financial, automotive, energy, aviation, communication and defense industrial base sectors.

Information Sharing and Analysis Organizations (ISAOs) are the result of a White House directive to promote voluntary cyber threat information sharing within industry sectors. In February 2015, President Obama signed an executive order directing the U.S. Department of Homeland Security (DHS) to encourage development of ISAOs for private companies, non-profits, government departments, and state, regional and local agencies.

This post What is an ISAC or ISAO? How These Cyber Threat Information Sharing Organizations Improve Security originally appeared on CSO Online.

Read More