Center for Internet Security Confidence in the Connected World Northeast Headquarters 31 Tech Valley Dr., East Greenbush, NY 12061 Mid-Atlantic Headquarters 1700 North Moore St., Suite 2100, Arlington, VA 22209
Center for Internet Security 2 TLP: WHITE
Multi-State Information Sharing and Analysis Center The MS-ISAC has been designated by DHS as the key resource for cyber threat prevention, protection, response and recovery for the nation’s state, local, tribal, and territorial governments https://www.cisecurity.org/ms-isac/ 3 TLP: WHITE
MS-ISAC: Who We Serve Members include: • 50 State Governments • 79 DHS-Recognized Fusion Centers • 6 Territorial Governments • 40 Tribal Governments • More than 1,600 local governments State, Local, Tribal, and Territorial Cities, counties, towns, airports, public education, police departments, ports, transit associations, and more 4 TLP: WHITE
24x7 Security Operations Center Central location to report any cybersecurity incidents • Support: – Network Monitoring Services – Research and Analysis – Incident Response • Analysis: – Threats & Trends – Vulnerabilities – Attacks & TTPs – Cyber Threat Actor Activity To report an incident or request • Reporting: assistance: – Cyber Alerts & Advisories Phone : 1-866-787-4722 – IP & Domain Monitoring – Automated Indicator Sharing Email : soc@msisac.org – Strategic Intelligence 5 TLP: WHITE
MS-ISAC Advisories 6 Public Information TLP: WHITE
Monthly Newsletter Distributed in template form to allow for rebranding and redistribution by your agency https://www.cisecurity.org/resources/newsletter/ 7 Public Information TLP: WHITE
Monitoring of IP Ranges & Domains Domain Monitoring IP Monitoring • Notifications on • IPs connecting to sinkholed C2s compromised user credentials, open source, • Compromised IPs and third party information • Indicators of compromise • Vulnerability Management from MS-ISAC network Program (VMP) monitoring Send domains, IP ranges, and contact info to: soc@msisac.org Any SLTT Government 8 TLP: WHITE
CERT Computer Emergency Response Team • Incident Response • Malware Analysis • Computer & Network Forensics • Log Analysis To report an incident or request assistance: Phone: 1-866-787-4722 Email: soc@msisac.org Any SLTT Government 9 TLP: WHITE
MS-ISAC Membership
Benefits of MS-ISAC Membership Free and Voluntary No Mandated Information Sharing Only an NDA Required Benefits: − CIS SecureSuite discounts − Access to information, intelligence, − HSIN Community of Interest (COI) products, resources, and webcasts − Cybersecurity exercise participation − Insider access to federal information − Malicious Code Analysis Platform − Training and resource discounts (MCAP) https://learn.cisecurity.org/ms-isac-registration MS-ISAC Membership 11 TLP: WHITE
Cyber Threat Intelligence 24x7 Assistance • Tactics, techniques, and procedures (TTPs), trends, and patterns • IOCs • Cyber Threat Actor information • Incident response and assistance • Answers to technical questions • Statistics • Intelligence Papers • Pointers to other resources and introductions to other agencies MS-ISAC Membership 12 TLP: WHITE
Weekly Malware IPs and Domains MS-ISAC Membership 13 TLP: WHITE
MS-ISAC Cyber Alerts MS-ISAC Membership 14 TLP: WHITE
Fee Based Services • Network monitoring (Albert) • Web application vulnerability assessments • Network vulnerability assessments • Penetration testing • Phishing engagements • Security assessments For more info on any of these contact: info@msisac.org Fee Based Services 15 TLP: WHITE
Network Monitoring (Albert) • SLTT focus • 24x7 research, analysis, and support • Signatures unique to SLTT governments • Integration of research on specific attacks and actors, including nation-state actors (APT) • Real-time information sharing • Experienced cybersecurity analysts who review each event minimizing the number of false-positive notifications Fee Based Services 16 TLP: WHITE
Share Information • Be prepared − Learn from others’ best practices − Gather intel to help you be proactive • Be willing to ask for help − Identify other resources to augment what you are doing • Be a part of the solution − Take part in information sharing 17 TLP: WHITE
Who do I call? Security Operations Center (SOC) SOC@msisac.org - 1-866-787-4722 31 Tech Valley Dr., East Greenbush, NY 12061-4134 www.cisecurity.org To join or get more information: https://learn.cisecurity.org/ms-isac-registration 18 TLP: WHITE
MS-ISAC 24x7 Security Operations Center 1-866-787-4722 SOC@msisac.org Eugene Kipniss Sr. MS-ISAC Program Specialist 518-880-0716 Eugene.Kipniss@cisecurity.org
Recommend
More recommend
