Information Sharing and Analysis Centers (ISACs)
The Information Sharing and Analysis Centers (ISACs) are part of the private sector's responses to the call for action made in May 1998 in the Federal Government's policy on critical infrastructure protection (Presidential Decision Directive 63
.)
The purpose of an ISAC is to gather and analyze information about information security threats, vulnerabilities, incidents, countermeasures, and best practices. The information is obtained from authorized participants (members) who submit anonymous or attributed reports. ISAC members can then access information and analysis relating to information provided by other members and obtained from other sources, such as law enforcement agencies, technology providers, and security associations.
An ISAC typically comprises a secure database, analytic tools, and information gathering and distribution facilities designed to allow authorized individuals to submit either anonymous or attributed reports about information security threats, vulnerabilities, incidents and solutions. ISAC members also have access to information and analysis relating to information provided by other members and obtained from other sources, such as U.S. Government and law enforcement agencies, technology providers and security associations, such as CERT.
Cisco is currently a member of two ISACs, the Information Technology (IT) and the Telecommunications (NCC) ISACs, and is closely related to two other ISACs, the Worldwide ISAC and the Financial Services ISAC.
ISAC membership provides industry participants the following benefits:
- Early notification
- Relevant information
- Industrywide vigilance
- Subject-matter expertise
- Anonymous information sharing
- Trending, metrics, and benchmark data
ISAC Links
