Michael Kelly 2016 (2).png

Managing your risk by Michael Kelly

NCACC Risk Management Director Michael Kelly writes a regular column on risk management for CountyLines. With more than 41 years of risk management/ insurance experience, he holds the CPCU - Chartered Property & Casualty Underwriter, ARM-P - Associate in Risk Management for Public Entities, CRM - Certified Risk Manager, ARe - Associate in Reinsurance and CIC - Certified Insurance Counselor Professional Designations. He can be reached at michael.kelly@ncacc.org or (919) 719-1124.  For archives of this column click here.

View All Posts

Dec 31

2012 Cyber Risk Continued… the MS-ISAC

Posted on December 31, 2012 at 2:44 PM by Chris Baucom

As a follow up to the recent column written on the issues of cyber risk, I have recently learned of the Multi-State Information Sharing and Analysis Center (MS-ISAC), which is an additional resource that may help in your efforts to keep your county protected in the world of cyber risk and loss prevention.  They have published a wealth of information on the topic, some of which is included here with appropriate literary acknowledgement and permission.

The MS-ISAC is a division of the not-for-profit Center for Internet Security, and is designated by the U.S. Department of Homeland Security as a key resource for cyber threat prevention, protection, response and recovery for the nation’s state, local, territorial and tribal governments (http://msisac.cisecurity.org/about/).

The MS-ISAC provides a number of resources at no cost to its members, including incident response; cyber alerts and advisories; monthly webcast meetings; annual in-person meeting; trainings and exercises; annual Cyber Security Awareness Month materials; and a community of practice for information sharing between and among state and local governments.

In addition, there is no cost to join the MS-ISAC. Membership is open to all state, local, territorial and tribal (SLTT) governments. 

So what is it exactly?  The Multi-State Informative Sharing and Analysis Center is a voluntary and collaborative effort based on a strong partnership with the Office of Cybersecurity and Communications  within the U.S. Department of Homeland Security (DHS).
  
Through its state-of-the-art 24/7 Security Operations Center, the MS-ISAC serves as a central resource for situational awareness and incident response for SLTT governments.  

Being a member provides some education and training resources.  In addition to advisories and information bulletins regarding the latest cyber threats and vulnerabilities, the MS-ISAC provides a variety of educational, awareness and training resources and opportunities.

In order to join, the only requirement is to complete a membership agreement, which sets forth the responsibilities of members to protect information that is shared.  As noted, membership is open to SLTT government entities involved in cyber security and/or critical infrastructure protection.  Currently membership includes representatives from all 50 states and their capitals, dozens of local governments and several U.S. territories.  For our State specifically, at present their website reflects the Cities of Charlotte and Raleigh and the Town of Cary as being members.

The MS-ISAC is located in East Greenbush, N.Y., and is led by Chair William Pelgrin and Executive Director Tom Duffy.  If this is something that interests you and you think you would like to become a member, contact Andrew Dolan, who is their Director of Government Affairs, at andrew.dolan@cisecurity.org or by phone at (518) 880-0693.

I think it is clear to most everyone now that cyber security is going to continue to be an important consideration in your overall process of risk identification – being a member of MS-ISAC can help provide some insight on a pre-loss basis and strengthen your ability to detect, respond to and recover from a cyber incident.