MS ISAC Looks at Cyber Issues

Editor’s Note…this message was originally sent to state drinking water security coordinators via email from ASDWA in January 2010.  However, given recent upticks in cybersecurity concerns, it may be useful to revisit some of the information and weblinks that appear below.

ASDWA has come across an “Information Sharing and Analysis Center” or ISAC that is devoted to improving efforts in the area of cyber security.  The MS-ISAC (MS stands for multi-state) identifies its mission as to “provide a common mechanism for raising the level of cyber security readiness and response in each state and with local governments. The MS-ISAC provides a central resource for gathering information on cyber threats to critical infrastructure from the states and providing two-way sharing of information between and among the states and with local government.”

The MS-ISAC website contains lots of useful information about cyber security.  Some of you may already be aware of this ISAC and these cyber-related tools and documents; however, in the event that you are not, please take a few minutes to look at the web page.

One of the documents that you may find particularly useful in your work with small water systems is their “Getting Started Guide” for cyber security.  This PDF document (click on the “Resources” listing in the left margin of the home page) can be downloaded and distributed to your smaller systems.  It has a basic glossary of terms and offers a quick reference checklist of computer maintenance functions that should be undertaken on a daily/weekly/as needed basis to ensure good “cyber health.”  It also contains a “top 10” list of actions items that should be implemented to help enhance the organization’s (small system’s) readiness and response capabilities for cyber security.

This ISAC works in tandem with several organizations that may have shared similar information with your state’s IT program.  They include the National Association of State Chief Information Officers, the DHS US Computer Emergency Readiness Team (US CERT), and the National Cyber Security Alliance.



Comments are closed.