August 9, 2011 By Dan Lohrmann
The Multi-State Information Sharing and Analysis Center (MS-ISAC) is holding its annual meeting in Nashville, TN, this week, and the focus is all about ways to strengthen partnerships. Indeed, the meetings are being held simultaneously with the GFIRST Annual Conference and the InfraGard National Congress to facilitate many joint meetings. At least 45 state governments, numerous local governments and many U.S. territories are represented at these MS-ISAC meetings, with most states having 2-3 representatives.
From the initial meeting overview and charge given by Will Pelgrin to the welcome messages Bobbie Stempfley, acting assistant secretary of the DHS Office of Cyber Security and Communications, the meetings highlighted the cyber risks and partnership examples. Even during the role call list and comments from the government representatives in the audience, the discussion topics kept coming back to ways that states and locals can work together with DHS and the MS-ISAC to improve information sharing, solve complex cyber problems and provide best practice solutions to members.
The meeting topics included break-out sessions for new members, services provided by the MS-ISAC, legal issues and legislation needed, security metrics and operations as well as other cyber issues. Each group reported out and described opportunities to work together and show value in their joint efforts. Afternoon breakout sessions included best-practice presentations from a variety of states.
Tuesday morning sessions were combined with the plenary sessions of the GFIRST conference, and the opening keynote was offered by DHS Acting Deputy Undersecretary NPPD Greg Schaffer. The Acting Undersecretary also discussed the many partnerships and changes over the past few years in the cyber activities within the federal and state governments. He described advancements in EINSTEIN, Trusted Internet Connections (TIC), Cyberstorm Exercises, The National Strategy for Trusted Identities in Cyberspace (NSTIC), the important paper on a healthy cyber ecosystem and the International Strategy for Cyberspace. The address also discussed advances in awareness and training, and reminded the audience about current cybersecurity awareness month plans.
In each case, Mr. Schaffer emphasized the importance of partnerships. From the public sector working with the private sector to the local governments working with states and federal agencies, he highlighted the importance of a business perspective with measureable results. He challenged the audience that “gets it” to carry the message to CFOs and CEOs across America who need to act as well.
The opening keynote closed with highlights of upcoming cyber legislation which will:
- Clarify authorities
- Enhance penalties for cyber crime
- Add mandatory requirements for protecting critical infrastructure – with private sector buy-in into specifics
Bottom line, the entire set of cyber sessions that I attended over several days focused on new and stronger partnerships. I really like what Cheri McGuire from Symantec said in summary during an afternoon panel:
Partnership Goals include –
1) Managing Risk
2) Improving Resiliency
3) Collaboration and Coordination
It was great to see that message in action over the past several days. If your state is not involved, I urge you to engage in these essential discussions regarding cyber and critical infrastructure partnerships.
Any thoughts on the MS-ISAC meetings or GFIRST 2011?
Building effective virtual government requires new ideas, innovative thinking and hard work. From federal stimulus projects to enterprise architectures to cloud computing, Dan Lohrmann will discuss what's hot and what's not in the world of technology infrastructure.