State and Local Cyber Leaders meet in Minneapolis

  Cyber Leaders from 46 states and 20 local governments met in Minneapolis from April 22-25 as part of the Multi-State Information Sharing and Analysis Center (MS-ISAC) annual meeting.  

 It was cold and rainy as state and local representatives, including yours truly, arrived in Minnesota on April 22 for the fourth MS-ISAC annual meeting, but the next three days were full of interactive exercises that warmed things up.

The keynote came from Greg Garcia, Assistant Secretary for Cyber Security and Telecommunications, US Department of Homeland Security (DHS), who addressed the projects taking place at the federal level regarding cyber security and the collaboration between all levels of government and the private sector. The Assistant Secretary reiterated his support of the MS-ISAC and his appreciation for what each one of us is doing to help collectively strengthen our nation’s cyber security posture.

  This was the largest MS-ISAC meeting ever with over 120 attendees. With a wide variety of excellent speakers, including several from MS-ISAC member states, the presentations covered best practices on all aspects of cyber security management and operations. Additionally, the meeting included informative presentations from the Minnesota Chief of Staff, CIA, InfraGard, FBI, FS-ISAC, HoneyNet Project and Gartner. All of the presentations covered various aspects of current cyber threats and workable solutions.

 One theme: our cyber difficulties are growing, and we are being outspent by international organized crime.  ID Theft has become the crime of choice due to the low risk of being caught and the huge amount of money which can be made. 

 Reports from each of the MS-ISAC workgroups were given. These included such topic areas as awareness and training, operations, outreach, legal issues and new legislation, and others.

A tabletop cyber exercise took place which provided an excellent information-sharing opportunity, and helped highlight areas in which states and locals need to improve.

This year marked the first time that local governments have been invited to the annual meeting, and the response was universally positive. Many states, such as Michigan, now have state ISACs that work on state-specific issues.

There is no doubt that the formal and informal contacts made, as well as the sharing of true war stories that occurred, now take the MS-ISAC to a new level of importance.  States, and even some local governments, rely on the MS-ISAC during operational cyber incidents to share information and receive intelligence from the US-CERT  – who provide a secured portal for sharing real-time data. 

The presentations from speakers and panelists are available to members on the MS-ISAC secure portal library.

 If you are member of a local or state government IT organization and don’t have a POC within the MS-ISAC, I encourage you to get involved. Government staff can contact their state CISO or senior cyber security POC. Or, if you don’t know who that is, I encourage you to send an e-mail to: isac@cscic.state.ny.us for more information and local contacts in your state.

The public MS-ISAC website is also a good source of general information about the organization.