If you work in an eligible organization, you may have heard about the Multi-State Information Sharing and Analysis Center (MS-ISAC) and wondered if you should enroll your organization. Is it worth it to sign up to be an MS-ISAC member?
The short answer is – Yes, go for it.
Join me below to see why it's worth it.
What Organizations Are Eligible?
Just to be sure we're on the same page, eligible organizations include:
- Federal organizations (civilian and governmental)
- State, Local, Territorial, and Tribal Governments
- Public K-12 Education
- Public Institutions of Higher Education
- Non-Federal public entities in the U.S.
If you are affiliated with an eligible organization or if you have questions on whether your organization is eligible to be an MS-ISAC member, reach out to their support. Otherwise sign up on their MS-ISAC registration page.
What Do Eligible Organizations Get?
- 24/7 Security Operations Center
- Incident response and digital forensics services
- Monitoring of your public IP ranges and domains for possible compromises
- Access to Malicious Code Analysis Platform (MCAP)
- Weekly top-malicious domains and IPs report
- Vulnerability Management Program (VMP)
- Access to cybersecurity table-top exercises
What if You're Not Eligible? Is it Possible to Participate?
If you're one in the list below, you have options:
- Employees of for-profit companies or non-profits
- Private citizens that are unaffiliated with an eligible entity
What Do Non-Eligible Organizations Get?
- Free advisories on known vulnerabilities
- National webcasts
- End-user focused cybersecurity newsletters
This is made available by enrolling in their general subscription.
One of My Favorite Offerings
This service has an annual cost but it's much cheaper than most MSPs will give you.
It's also worth mentioning it's only available to U.S. SLTTs. Makes sense as it's tuned to provide the most value to these types of organizations.
But I will say that leveraging their SOC has been invaluable in network visibility initiatives.
Once the Albert sensor is in production and providing IDS services for your homenets, you'll get a follow up meeting within a couple months. This follow up meeting will kick off the tuning of the quantity and quality of incidents generated by the sensor.
Another Great Offering
Another great offering is their newsletter and security awareness materials. They offer calendars, posters, and other materials to help bolster your information security awareness program.
I've based several articles at my place of employment on their newsletters and alerts. It's concise and valuable.
The webinars are also good but I've only attended 2 so far so I can't discuss the normal types of content besides monthly wrap ups and best practices of using free tools like DMARC.
Testing Their Feed Services
Besides feeds to their blog posts, they also offer other automated syndication solutions.
You can customize which part of the feed you want to collect to help produce dynamic content to your website or employee portal. This is great for spreading security awareness.
They offer 4 different types of feeds:
In addition to the feeds, you can leverage their alert level system. They offer scripts so you can include a threat map on your website. Not as useful as their information feeds, but still cool nonetheless.
Besides the network monitoring, what's the initial price of enrollment?
Don't worry the membership price is right. It's free to become an MS-ISAC member.
I definitely recommend joining. My organization have been a member for years and find it to be a valuable security information resource. Their SOC is great.
If you have a state GISA program or conference you can join, you'll find CIS (MS-ISAC) folks there as well.
There's more to the membership that even we haven't got to yet, namely their CIS-CAT and trending malicious activity. But overall, great stuff.
If you like this service, you might also be interested in the FBI's Infragard service. That is another valuable Cyber/IT Security resource and it’s free as well.
Other than that, you can check out DHS CISA's Information Sharing and Awareness page where you can find other information sharing collaborative efforts.
What do you think? Are you interested in the MS-ISAC program or have you already became members of their service? What do you think? Let me know in the comments below!