Information Sharing and Analysis Centers (ISACs)

The Information Sharing and Analysis Centers (ISACs) are part of the private sector's responses to the call for action made in May 1998 in the Federal Government's policy on critical infrastructure protection (Presidential Decision Directive 63.)

The purpose of an ISAC is to gather and analyze information about information security threats, vulnerabilities, incidents, countermeasures, and best practices. The information is obtained from authorized participants (members) that submit anonymous or attributed reports. ISAC members then have access to information and analysis relating to information provided by other members and obtained from other sources, such as law enforcement agencies, technology providers, and security associations.

An ISAC is typically comprised of a secure database, analytic tools, and information gathering and distribution facilities designed to allow authorized individuals to submit either anonymous or attributed reports about information security threats, vulnerabilities, incidents and solutions. ISAC members also have access to information and analysis relating to information provided by other members and obtained from other sources, such as US Government and law enforcement agencies, technology providers and security associations, such as CERT. ISAC membership provides industry participants the following benefits:

• Early Notification
• Relevant Information
• Industry-wide Vigilance
• Subject Matter Expertise
• Anonymous Information Sharing
• Trending, Metrics, Benchmark Data

Information Sharing and Analysis Centers [ISACs]

• Chemical ISAC
• Fire Services ISAC
• Electric ISAC
• Law Enforcement ISAC
• Energy ISAC
• Food ISAC
• Financial Services ISAC
• IT-ISAC
• REN-ISAC
• State Govt. ISAC
• Surface Trans. ISAC
• Telecom ISAC
• Water ISAC
• World Wide ISAC
• Highway ISAC
• Health Care ISAC
• Emergency Management and Response ISAC
• Multi-State ISAC