I’m at the Multi-State Information Sharing & Analysis Center (MS-ISAC) Annual Meeting in Atlanta, where the state and local government Chief Security Officers (CSOs), Chief Information Security Officers (CISOs) and many of their top team members have gathered for three days. The MS-ISAC is now a division of the Center for Internet Security (CIS), and this group plays a vital role in cybersecurity information sharing and situational awareness between the Department of Homeland Security (DHS) and state and local governments.
These meetings provide a venue for collaboration and comparing notes amongst the cyber leaders in federal, state and local government. For the last few years, the meetings have been held in conjunction with the GFIRST conference, which is sponsored by DHS.
This year, the MS-ISAC Annual Meeting is the largest ever and includes representatives from 45 state governments and 40 local governments.
While the major focus of the three days is engagement on specific cyber issues and workgroup topics, the agenda for the annual meeting includes presentations from cyber leaders like Will Pelgrin (President and CEO of CIS) , Howard Schmidt (former cybersecurity coordinator for President Obama), Mark Weatherford (Deputy Under Secretary, Cybersecurity National Programs and Protection Directorate, DHS), Steve Chabinski, (Deputy Assistant Director, Cyber, Federal Bureau of Investigation) and Kelvin Coleman (Director, State, Local and Tribal Engagement, National Cyber Security Division, DHS).
We will also have updates on specific new MS-ISAC projects, like the CISO mentoring program started earlier this year. Many of the mentors had a chance to meet with the men and women that they are mentoring last night for the first time before the welcome reception, and these types of informal get-togethers are very helpful, in my opinion.
So what is everyone talking about?
The morning sessions were excellent, with Howard Schmidt providing insights from his years in the public and private sectors. He discussed the first Cyberstorm exercise, and he said he was proud with how far we’ve come – while admitting we have a long ways to go. Howard charged the delegates to:
1) Lead their governments’ efforts in buying the right security products and services
2) Uncover vulnerabilities and ensure that we take away the known holes.
3) Build the future teams and vision for cybersecurity collaboration and information sharing.
Howard also discussed the struggle regarding the roles of government and making secure product configurations mandatory verses voluntary.
Other morning updates included some impressive numbers by Will Pelgrin regarding the roles and responsibilities of the MS-ISAC, a great keynote by Steve Chabinski from the FBI, and several updates from DHS on upcoming events and awareness training.
This afternoon will offer breakout sessions on several topics and well as workgroup action sessions.
We kickoff tomorrow with some joint MS-ISAC / GFIRST meetings.