Ics Isac Overview V0.1pub

Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution

ICS-ISAC

Private/Public ICS Security Knowledge Sharing


ICS-ISAC

Public/Private information sharing and analysis center to capture and transport ICS security information across sectors. The ISAC structure is mandated by Homeland Security Presidential Directive 7 (HSPD-7).


ICS-ISAC

• Cross-ISAC Integration Vehicle– Capture commonalities and sector-specific attributes

• Vendor-Customer Communications– Standardized communication format

• Global Integration Center– Develop global ICS security knowledge

– Aggregate public & private knowledge centers


Overview

• Leadership– Chris Blask, Chair

– Brad Blask, Executive Director

– Sean Paul McGurk, Senior Policy Advisor

– Gib Sorebo, Senior Technology Advisor

• Membership– Vendors

– Services Providers

– Asset Owners

– Knowledge Centers


ICS-ISAC

Private Knowledge Centers

Public KnowledgeCenters

Aggregation

Private/Public Knowledge Centers

Filtered Data

Knowledge

LegendFiltered or Raw Data

ICS-ISAC in the Global Knowledge Network


Public/Private Information Sharing Matrix: ISACs

ES-ISAC

FS-ISAC

RE-ISAC

REN-ISAC

NH-ISAC

MFR-ISAC

ST-ISAC

EMR-ISAC

DIB-ISAC

MAR-ISAC

TEL-ISAC

AGR-ISAC

WTR-ISAC

ICS-ISAC

MS-ISAC

SC-ISAC

NC-ISAC

IT-ISAC


ISACs

NCCIC

ICS-ISAC

Knowledge Flow

Vendors

Service Providers

Private Knowledge Sharing


Capgemini

JP-CERT

Real Time Knowledge Sharing

Yokogawa US

LIGHTS Yokogawa Japan

Maritime ISAC CPNI

ICS-ISAC


ICS-ISAC Architecture


Value to Vendors

• Single Consistent Communications Channel– Advisory distribution and experience collection

– Reduced cost and increased effectiveness

• Private-Sector Voice in Public-Sector– De facto private sector partner to government

– Negotiating center for private/public knowledge sharing standards


Value to Asset Owners

• Single Consistent Feed – Threats, Vulnerabilities and Best Practices

– Vendor notifications

– Private/Public, Private & Public Knowledge Centers

• All-Hazards Visibility– Cross-sector for all critical functions

• i.e. power, water, supply chain, transportation…

• Global knowledge sharing network– Access to local, national and International resources


Value to Knowledge Sharing Centers

• Single Interface to Global Knowledge Sharing Network– Propagate knowledge feed worldwide

– Real-time access to all ICS security knowledge sources

• Collaboration Platform– Produce joint content with other knowledge centers

• Interoperability Platform– Private sector forum for negotiation of knowledge interchange standards

• Public Sector Portal– Stand-off from public knowledge centers

– Private sector voice to negotiate knowledge sharing with public sector


Global Knowledge Network

ICS Cybersecurity focuses on the enablement of critical infrastructure knowledge sharing architectures for Municipal, Regional, National and Global applications.


Private Knowledge Centers

Public KnowledgeCenters

Aggregation

Public/Private Knowledge Centers

Knowledge

LegendFiltered or Raw Data

Knowledge Sharing Model


InternationalInformation Sharing

Federal

Regional Security Operations Centers - tightly monitor critical assets - coordinate county and municipal

Public/Private

Regional Model

Province TerritoryState

DistrictMunicipal

Knowledge

Region


Federal CERT

OtherSharing

State

State Model

Municipality

District

Municipality

Process ISAC

Sector ISAC


Thank You

Brad BlaskExecutive [email protected]

Documents

Ics Isac Overview V0.1pub