ISAC Executive Order Increases Risk for Small Towns

All conflict is about time. The information needed to win a conflict is always available before it starts, whoever finds it first will win.  

I have watched the cybersecurity information sharing environment evolve for more than three decades, and have chaired an ISAC for a number of years. My work today primarily revolves around the same issue: “How do we share cybersecurity information fast enough to keep our banks and power grids and other infrastructure safe enough?”  

ISACs and other cybersecurity information sharing organizations exist in their current forms because that is what is required at present to give our airlines and factories and schools and banks and towns the time to defend themselves from attacks that are already happening to their peers. Without these organizations, your town would find out about hackers turning off traffic lights or hospitals only when it happens to you, and your local first responders wouldn’t have anyone to call for advice when it does happen to you. 

Information Sharing and Analysis Centers (ISACs) are private sector cybersecurity nonprofits that bring together security leaders in a given area (finance, energy, healthcare, and so on) so that they can share information about threats and attacks and defenses in an environment with a known and predictable trust level. They began as a result of a Presidential Directive (executive order) in 1996, the Multi-State ISAC was among the first. Since the MS-ISAC membership was primarily folks from state and local public sector, unlike other ISACs for sectors like Finance or IT whose members were primarily from the private sector, the MS-ISAC was allocated funding by Congress. 

According to Christina A. Cassidy of the Associated Press: “The two cybersecurity initiatives facing cuts are the Elections Infrastructure Information Sharing and Analysis Center, which included state and local election officials along with representatives of voting system manufacturers, and the Multi-State Information Sharing and Analysis Center, which has benefited state, local and tribal government offices.” 

After more than a decade away from the ISAC space, the past year has had me getting involved with those organizations again. I have been very pleased with the notably higher level of maturity and functionality among and between these organizations. It takes a lot of effort to create environments where those inside can feel justifiably comfortable sharing sensitive information. 

We will always be improving our ability to respond more quickly to the ever-present pressure of those trying to break the things we build. Whenever we stop getting faster, our infrastructure will begin to degrade as our opponents continue to speed up and leave all of our defenders at a disadvantage.  

Due to this move, every small town American mayor will have less time to prepare for and need more time to respond to any threats and attacks to their local infrastructure. Same of course goes for the Election Infrastructure ISAC membership. All of the small towns across America will have less time to prepare for and need more time to respond to and recover from threats to and attacks on their election infrastructure.  

Unless there is some plan to compensate for this loss of capabilities, this move will weaken our national infrastructure perceptibly by weakening all of our local infrastructure at the same time.