In the corridors during the OACB Convention, I had the opportunity to chat with the Information Technology leadership from an Eagle client, one of the state’s largest DD Boards, who shared the benefits of their participation in the Multi-State Information Sharing and Analysis Center (MS-ISAC). MS-ISAC is a non-profit entity whose mission is to improve the overall cybersecurity posture of the nation’s state and local governments through cyber threat prevention, protection, response, and recovery.
Cybersecurity at NO COST to County Boards
The operational costs of MS-ISAC are supported by the Department of Homeland Security, which allows them to offer basic membership to County Boards for no cost. Services include:
- Cybersecurity advisories
- Threat notifications
- Cyber alert map
- Weekly top malicious domains/IP report
- Monthly members-only webcasts
- Access to the CIS SecureSuite
- Other educational programming
There are additional services which are available on a fee basis.
Thwarting a Cyber Attack
One of the free services is a weekly feed of known malicious IP addresses, which can be uploaded on an ongoing basis to the agency’s firewall. My DD Board contact shared an anecdote about a ransomware attack which was prevented shortly after they automated the loading of this feed into their firewall. One of the more malicious ransomware families was installed on their network – after an employee clicked on a malicious link. Because the IP address for this malware’s command and control system was now blocked by their firewall, the malware’s attempted communication back home was blocked, the IT department was alerted, and they were able to quarantine the infected computer and cleanse it, without any damage.
Some services available through MS-ISAC are fee-based. One such service, a key tool for ransomware protection, is MS-ISAC’s Intrusion Detection System (IDS) capability, combined with 24/7 monitoring from a Security Operations Center (SOC). Few County Boards have the resources to operate this type of capability on their own, even the larger ones. So this county board is using MS-ISAC’s, which is called “Albert” Network Monitoring. Pricing for the service is based on internet connection utilization, and ranges between $890/month and $1650/month. Compared to commercial offerings, this is much less costly.
As discussed, additional information and details on a free membership to MS-ISAC is available at https://www.cisecurity.org/isac/. We recommend that Board’s take advantage of this resource.