Week 6 Discussion – Sivad Davis
We currently live in a world where almost every facet of our lives resides online in some way shape or form. Personal, private, and business information is all accessible to those who truly want to steal this information. Data breaches on government, state and federal, systems have wreaked havoc on our nation and individuals who rely on the government for privacy and security. The latest annual report from IBM and researcher Ponemon Institute found the average data breach cost $3.79 million (Ebi, 2015). Data breaches are also more commonplace as state and federal government moves closer and closer to a completely paperless system. It is understandable that states are limited in capital and resources to deal with the changing landscape, however, the Multi-State Information Sharing and Analysis Center (MS-ISAC) can help ease some of the burdens. State private information to include student records, patient records, finances, and social security numbers to name a few are at stake.
First, the mission of the MS-ISAC, a division of the Center for Internet Security (CIS), is to improve the overall cybersecurity posture of the nation’s state, local, tribal and territorial governments through focused cyber threat prevention, protection, response, and recovery (CIS, 2019). Next, the MS-ISAC provides a central resource for gathering information on cyber threats to critical infrastructure and two-way sharing of information between and among public and private sectors in order to identify, protect, detect, respond and recover from attacks on public and private critical Infrastructure (CI) (CIS, 2019). The sharing of information to mitigate cyber threats helps states prepare for the worst and defend against impending attacks. The MS-ISAC is also available 24/7 and gives states the same support as top tier private sector businesses get. Lastly, the MS-ISAC also works closely with other organizations, such as the National Council of ISACs, the National Governors’ Association, the National Association of State Chief Information Officers, and fusion centers, as well as other public and private sector entities to build trusted relationships to further enhance our collective cybersecurity posture (CIS, 2019).
MS-ISAC serves as a tremendous benefit for local and state governments as it combines shared information with 24/7 support and cybersecurity best practices suited for the changing environment. Living with risk is the new normal, and managing it is an essential part of achieving optimal performance in digital government even at the state level (Eggers, 2016). While working with MS-ISAC will reduce risks, it does not mean breaches won’t happen or still be successful. It does mean that identifying, resolving, and bouncing back from breaches will be easier and less costly than not having a cybersecurity measure in place. MS-ISAC provides 30% discounts for state governments as well, so affordability is decent. Pricing is also dependent on the employee size of the agency ranging from $2,772 for less than 49 employees for 3 years, to $29,778 250,00 employees or more for 3 years (CIS, 2019).
While MS-ISAC serves as a great resource to combat cyber threats, there exist other organizations to help in the cybersecurity effort. Many organizations provide suites geared toward state and local governments to protect the mass wealth of information within them. An organization like FireEye is an organization that has great success in cybersecurity with a proven track record and awards to back it. There is no one size fits all to cybersecurity and like any service, a little shopping around goes a long way