Pulse

By GCN Staff

Blog archive

States to get security services to boost cyber info sharing

The Department of Homeland Security is rolling out a plan to offer states and territorial government organizations a set of free managed security services, including intrusion detection and prevention, netflow analysis and firewall monitoring.

The services will be provided by the Center for Internet Security’s Multistate Information Sharing and Analysis Center (MS-ISAC), a 24x7 operations center that provides real-time network monitoring, threat warnings and incident mitigation and response. 

The plan is part of a multipronged effort to boost government threat information sharing and cooperation called for in the National Institute of Standards and Technology’s Cybersecurity Framework, a set of voluntary guidelines released by NIST in February to promote the protection of critical systems and management of cybersecurity risk. 

Phyllis Schneck, DHS deputy undersecretary for cybersecurity for the National Protection and Programs Directorate (NPPD), said making the managed services available and adopting the NIST framework a key step making local government information systems secure. 

“The adoption of the framework will encourage longer term risk-based planning and better security overall – this is a win-win and we are excited to be able to provide such tactical assistance to our state and territorial stakeholders,” she said in a recent blog post.

To help promote the use of the NIST framework and coordinate projects to strengthen information sharing, DHS this February launched the Critical Infrastructure Cyber Community (C3) Voluntary Program, which will help coordinate critical infrastructure operations, DHS said. 

In its first year, the C3 Voluntary Program will focus on engaging with “sector-specific agencies,” including the defense industrial base, energy and emergency services sectors to adopt the NIST framework.

Later phases of the program will “reach out to all critical infrastructure (groups) interested in using the framework,” according to DHS. 

The C3 program will also encourage the critical infrastructure community to “manage cybersecurity as part of an ‘all hazards approach’ to enterprise risk management,” according to DHS. 

Posted by GCN Staff on Mar 04, 2014 at 11:48 AM


Reader Comments

Wed, Mar 5, 2014

Awesome DHS and MSISAC! Way to screw the private sector companies that provide these services! Really a well thought-through plan.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

resources

HTML - No Current Item Deck
  • Transforming Constituent Services with Business Process Management
  • Improving Performance in Hybrid Clouds
  • Data Center Consolidation & Energy Efficiency in Federal Facilities