Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
ICS-ISAC
Private/Public ICS Security Knowledge Sharing
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
ICS-ISAC
Public/Private information sharing and analysis center to capture and transport ICS security information across sectors. The ISAC structure is mandated by Homeland Security Presidential Directive 7 (HSPD-7).
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
ICS-ISAC
• Cross-ISAC Integration Vehicle– Capture commonalities and sector-specific attributes
• Vendor-Customer Communications– Standardized communication format
• Global Integration Center– Develop global ICS security knowledge
– Aggregate public & private knowledge centers
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
Overview
• Leadership– Chris Blask, Chair
– Brad Blask, Executive Director
– Sean Paul McGurk, Senior Policy Advisor
– Gib Sorebo, Senior Technology Advisor
• Membership– Vendors
– Services Providers
– Asset Owners
– Knowledge Centers
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
ICS-ISAC
Private Knowledge Centers
Public KnowledgeCenters
Aggregation
Private/Public Knowledge Centers
Filtered Data
Knowledge
LegendFiltered or Raw Data
ICS-ISAC in the Global Knowledge Network
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
Public/Private Information Sharing Matrix: ISACs
ES-ISAC
FS-ISAC
RE-ISAC
REN-ISAC
NH-ISAC
MFR-ISAC
ST-ISAC
EMR-ISAC
DIB-ISAC
MAR-ISAC
TEL-ISAC
AGR-ISAC
WTR-ISAC
ICS-ISAC
MS-ISAC
SC-ISAC
NC-ISAC
IT-ISAC
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
ISACs
NCCIC
ICS-ISAC
Knowledge Flow
Vendors
Service Providers
Private Knowledge Sharing
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
Capgemini
JP-CERT
Real Time Knowledge Sharing
Yokogawa US
LIGHTS Yokogawa Japan
Maritime ISAC CPNI
ICS-ISAC
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
ICS-ISAC Architecture
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
Value to Vendors
• Single Consistent Communications Channel– Advisory distribution and experience collection
– Reduced cost and increased effectiveness
• Private-Sector Voice in Public-Sector– De facto private sector partner to government
– Negotiating center for private/public knowledge sharing standards
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
Value to Asset Owners
• Single Consistent Feed – Threats, Vulnerabilities and Best Practices
– Vendor notifications
– Private/Public, Private & Public Knowledge Centers
• All-Hazards Visibility– Cross-sector for all critical functions
• i.e. power, water, supply chain, transportation…
• Global knowledge sharing network– Access to local, national and International resources
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
Value to Knowledge Sharing Centers
• Single Interface to Global Knowledge Sharing Network– Propagate knowledge feed worldwide
– Real-time access to all ICS security knowledge sources
• Collaboration Platform– Produce joint content with other knowledge centers
• Interoperability Platform– Private sector forum for negotiation of knowledge interchange standards
• Public Sector Portal– Stand-off from public knowledge centers
– Private sector voice to negotiate knowledge sharing with public sector
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
Global Knowledge Network
ICS Cybersecurity focuses on the enablement of critical infrastructure knowledge sharing architectures for Municipal, Regional, National and Global applications.
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
Private Knowledge Centers
Public KnowledgeCenters
Aggregation
Public/Private Knowledge Centers
Knowledge
LegendFiltered or Raw Data
Knowledge Sharing Model
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
InternationalInformation Sharing
Federal
Regional Security Operations Centers - tightly monitor critical assets - coordinate county and municipal
Public/Private
Regional Model
Province TerritoryState
DistrictMunicipal
Knowledge
Region
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
Federal CERT
OtherSharing
State
State Model
Municipality
District
Municipality
Process ISAC
Sector ISAC
Copyright ICS Cybersecurity, Inc. 2012, Confidential, not for distribution
Thank You
Brad BlaskExecutive [email protected]