Information Sharing and Analysis Center

Information Sharing and Analysis Center

Abbreviation	ISAC

An Information Sharing and Analysis Center or (ISAC) is a nonprofit organization that provides a central resource for gathering information on cyber and related threats to critical infrastructure and providing two-way sharing of information between the private and public sector.^[1][2]

Sector ISACs began forming in 1999, subsequent to the May 22, 1998 signing of U.S. Presidential Decision Directive-63 (PDD-63), when "the federal government asked each critical infrastructure sector to establish sector-specific organizations to share information about threats and vulnerabilities."^[3] Decision Directive-63 (PDD-63) was replaced by Homeland Security Presidential Directive 21 in 2013.

Canada

• Global Mining and Metals Information Sharing & Analysis Centre (MM-ISAC)^[4]

Europe

European Energy - Information Sharing & Analysis Centre (EE-ISAC)^[5] is a network of private utilities, solution providers and (semi) public institutions such as academia, governmental and non-profit organizations which share valuable information on cyber resilience to strengthen the cyber security of the European Power Grid.

India

In India, the Information Sharing and Analysis Center (ISAC) operates as an independent non-profit organization that works closely as Public-Private-Partner (PPP) with apex nodal agency for cyber security, National Critical Information Infrastructure Protection Center (NCIIPC), designated under the IT Act Law 2000.

Japan

• Financials ISAC Japan^[6]
• ICT Information Sharing And Analysis Center Japan^[7]
• Japan Elecricity Information Sharing and Analysis Center^[8]
• Japan Foreign Trade Council ISAC^[9]
• Medical ISAC Japan Cyber Security Service (MICSS)^[10]
• Transportation ISAC JAPAN^[11]

United States

The National Council of ISACs (NCI Directorate) members include:

• Automotive (Auto-ISAC)
• Aviation (A-ISAC)
• Communications ISAC (NCC)
• Defense Industrial Base (DIB-ISAC)
• Emergency Services (EMR-ISAC)
• Electricity (E-ISAC)
• Energy Analytic Security Exchange (EASE)
• Elections Infrastructure ISAC (EI-ISAC)^[12]
• Financial Services (FS-ISAC)
• Healthcare Ready
• Health ^[13]
• Information Technology (IT-ISAC)
• Maritime Security ISAC
• Media and Entertainment Sharing Analysis Center (ME-ISAC)
• Nuclear (NEI)
• Oil and Gas (ONG-ISAC)
• Public Transit (PT-ISAC)
• Real Estate (RE-ISAC)
• Research & Education Network (REN-ISAC)
• Retail & Hospitality ISAC (RH-ISAC) Formerly R-CISC
• Space ISAC (S-ISAC) ^[14]
• Supply Chain (SC-ISAC)
• Surface Transportation (ST-ISAC)
• Water ISAC (Water-ISAC)

Many other ISACs exist beyond the National Council of ISACS, which caters only to sectors the US government has declared Critical Infrastructure sectors, such as MFG-ISAC and LS-ISAC. ^[15]

References

1. (au), David A. Powner (15 May 2017). Critical Infrastructure Protection: Department of Homeland Security Faces Challenges in Fulfilling Cybersecurity Responsibilities. DIANE Publishing. p. 51. ISBN 9781422301012.
2. "FACT SHEET: Executive Order Promoting Private Sector Cybersecurity Information Sharing". whitehouse.gov. 12 February 2015 – via National Archives.
3. "ABOUT ISACs" National Council of ISACs, 2022. Accessed February 25, 2023.
4. "Mining and Metals ISAC". www.mmisac.org. Retrieved 2018-03-21.
5. "Home". EE-ISAC - European Energy - Information Sharing & Analysis Centre.
6. "一般社団法人 金融ISAC". f-isac.jp. Retrieved 2023-02-20.
7. "一般社団法人ICT-ISAC / ICT-ISAC JAPAN". ict-isac.jp. Retrieved 2023-02-20.
8. "日本貿易会ISAC | 商社が分かる | JFTC - 一般社団法人日本貿易会". www.jftc.or.jp/shosha/isac/. Retrieved 2023-02-20.
9. "電力ISAC". je-isac.jp. Retrieved 2023-02-20.
10. "医療ISAC - Medical ISAC Japan". m-isac.jp. Retrieved 2023-02-20.
11. "一般社団法人交通ISAC". t-isac.jp. Retrieved 2023-02-20.
12. "Elections Infrastructure ISAC is now a member of the National Council of ISACs". CIS.
13. Health-ISAC|H-ISAC.org
14. S-ISAC.org
15. "About".