States propose sharing cybersecurity info
State information technology managers have proposed creating an organization through which its members can share information about cybersecurity issues.
The proposal for an interstate information sharing and analysis center (ISAC) for cybersecurity, put forward by the National Association of State Chief Information Officers (NASCIO), stems from Presidential Decision Directive 63 issued by President Clinton in 1998.
PDD 63 established the National
Infrastructure Protection Center at the FBI and various public/private ISACs that involve state and local agencies and are modeled on the national Centers for Disease Control and Prevention.
However, the NASCIO proposal is the first to address cybersecurity at the state level. State governments have information sharing links to the federal government on other homeland security issues such as biological, nuclear, chemical and even conventional warfare threats, but such links don't yet exist for the information and communications sector.
A state ISAC "isn't the whole answer for national cybersecurity, but it's an essential part," said Chris Dixon, NASCIO's digital government issues coordinator.
NASCIO officials believe an interstate ISAC could serve states by helping aggregate data for analysis at the national level, by sending security alerts to the appropriate people in state agencies and by building relationships among state officials and their local and federal counterparts. Such a center could also help with other resources, such as auditing, assessment and training tools.