Information Sharing and Analysis Organization

connection_iconHistory of ISAOs

ISAOs are being created in response to Executive Order 13691. This Order was released on February 13, 2015 and called for the Secretary of Homeland Security to “strongly encourage the development and formation of Information Sharing and Analysis Organizations.” The federal government has also provided direct support for the ISAO creation process. Some examples of this support include Michael Daniel, the White House’s Special Assistant to the President and Cybersecurity Coordinator, attending a summit on the ISAO creation process and the involvement of high-level DHS leaders, including Assistant Secretary Andy Ozment, in the creation of ISAO standards. EO 13691 also explicitly states that ISAOs should “engage in continuous, collaborative, and inclusive coordination” with the National Cybersecurity and Communications Integration Center (NCCIC).

EnergySec History

EnergySec began over a decade ago as a forum for information security, physical security, disaster recovery and business continuity professionals from energy organizations in the Pacific Northwest to meet, share, and solve problems they were all facing. In the years since, EnergySec has grown into a nation-wide organization focused on securing critical infrastructure sectors. The idea that by working together and sharing our successes and failures, our problems and achievements, we will be able to help all our members to be more successful continues to drive the programs which EnergySec offers.

EnergySec Mission and Goals

EnergySec’s mission and programs, which are focused o collaborative initiatives and projects that help enhance the cybersecurity resiliency of our members and the wider energy sector, naturally aligns with the goals of the ISAO program. EnergySec is excited to be able to continue to offer innovative programs for our members, while at the same time being a part of the wider effort to protect critical infrastructure sectors.

EnergySec ISAO Programs

ISAOs exist to increase the information sharing and shared analysis of their member organizations. To achieve this goal, EnergySec participates or leads multiple initiatives. The EnergySec ThreatConnect Community provides a free platform for EnergySec members to be able to share threat intelligence between members, as well as streamline the way organizations can receive threat intelligence and Indicators of Compromise (IOCs) from the federal government.

Since one of the purposes of an ISAO is to engage with the NCCIC, EnergySec has also begun having representatives visit the NCCIC in order to stay up-to-date on the threats facing our industry, as well as to ensure that our information sharing program is coordinated with and includes the most relevant information possible, all in an effort to help our members improve their security programs.

EnergySec has served in an ISAO-like role since its inception, and in October, 2017, became one of the first registered ISAOs, and also the first registered ISAO focused on the energy sector. EnergySec is participating in the ISAO process to ensure we can continue to serve our members in that capacity as the role becomes more formal and better organized. For more information on our ISAO efforts, contact us at isao@energysec.org, or call us at (503) 905-2920 (option 4), or click here for more information on why to join an ISAO focused on the electric sector.