CI Scoop

By: Mark Listes

This blog will discuss critical infrastructure, the designation of elections as critical infrastructure, the issues surrounding the designation, the goal is to share what we know about Critical Infrastructure so our stakeholders can be more informed.

Wading Through Critical Infrastructure’s Alphabet Soup

Jul 10, 2017

ISACs, MS-ISAC, and ISAOs, what are these and why should you care? As a quick answer, if you are an election official or administrator, these entities are about to impact your work. Today’s blog explains how.

If the intelligence community is our nation’s security lookout, Information Sharing and Analysis Centers (ISACs) blow the horn precisely and carefully when the lookout sees something on the horizon. ISACs gather, analyze, appropriately sanitize, and disseminate useful information to critical infrastructure owners and operators. For our sector, that audience would include election officials and administrators. The kinds of information ISACs would share could include alerts about potential threats to physical sites such as polling places or cyber targets such as voter registration databases.

Contrary to what you might expect though, ISACs are not federal entities. The centers are non-profit, member-driven organizations. However DHS and a sector’s SSA do work extensively with the ISACs, which are often viewed as an honest information broker that organizations within a specific infrastructure space can inherently trust.

There are many ISACs, and each is built to support a certain sector or type of critical infrastructure owner or operator. Here is a list of all of the ISACs. The centers have 24/7 threat warning and incident reporting capabilities, as well as the ability to reach and nimbly share information within individual sectors, between sectors, and among government and private sector stakeholders.

DHS has not yet announced that any of the existing ISACs will directly serve the elections subsector, but it is likely too early in the process for that kind of announcement. However, if one were to speculate, it would not be too attenuated of a prediction to think that the election community may be served by the Multi-State ISAC (MS-ISAC) because of its existing focus on government facilities and infrastructure. This is just speculation at this point, but we will use this blog to keep you posted when an announcement is made.

Now let’s talk about Information Sharing and Analysis Organizations (ISAOs). These entities are similar to ISACs but are further removed from the government. The organizations are not sponsored or funded by DHS, and DHS usually does not work extensively with ISAOs. That said, ISACs also gather, analyze, and disseminate critical infrastructure information. Critical infrastructure owners and operators turn to ISAOs when they feel that they need an additional honest broker of information to provide a more complete assessment of threats. One advantage of ISAOs is that while they don’t have access to confidential information, they also don’t always require clearances or membership in a sector before sending information to someone. The organization has the ability to share its intelligence with a broader list of individuals and entities impacted by a critical infrastructure designation. For example, in the election space, a local township may not have access to ISAC reports, but could receive data from an ISAO.

As we all continue to wade our way through the critical infrastructure alphabet soup of acronyms, I hope today’s blog helped you to understand ISACs, MS-ISAC, and ISAOs. These independent information sharing entities are likely coming to a conversation near you, so let us know if you have any additional questions about how they work or why they exist. You can also get additional information about these terms and about critical infrastructure more generally by reading our Starting Point White Paper on elections as critical infrastructure.