Information Sharing and Analysis Organizations (ISAOs) play an integral role in national efforts to promote secure, rapid and widespread information sharing that helps organizations detect and block increasingly sophisticated cyber security threats.
The ISAO SO works with existing information sharing organizations, owners and operators of critical infrastructure, relevant agencies and other public- and private-sector stakeholders through a voluntary consensus standards development process to identify a common set of voluntary guidelines for the creation and functioning of ISAOs. These guidelines address, but are not limited to, contractual agreements, business processes, operating procedures, technical specifications and privacy protections.
History
In October 2015, the U.S. Department of Homeland Security (DHS) selected a team, led by UTSA, with partners the Logistics Management Institute (LMI) and the Retail Cyber Intelligence Sharing Center (R-CISC), as its Information Sharing and Analysis Organization Standards Organization (ISAO SO). Through an executive order in February 2015, the ISAO Standards Organization was tasked with developing standards and guidelines for the creation of and collaboration between ISAOs.
The CIAS continues to lead the ISAO Standards Organization’s industry, academia and government volunteers in developing cybersecurity information sharing guidelines. ISAOs continue to play an integral role in national efforts to promote secure, rapid and widespread information sharing that helps organizations detect and block increasingly sophisticated cyber security threats.
An ISAO is any group of individuals or organizations established for purposes of collecting, analyzing and disseminating cyber or relevant information in order to prevent, detect, mitigate, and recover from risks, events or incidents against the confidentiality, integrity, availability and reliability of information and systems.
According to the Critical Infrastructure Information Act of 2002 and Executive Order 13691 – Promoting Private Sector Cyber Security Information Sharing, the term “Information Sharing and Analysis Organization,” or ISAO, means any entity or collaboration created or employed by public- or private-sector organizations, for purposes of—
- gathering and analyzing critical cyber and related information in order to better understand security problems and interdependencies related to cyber systems, so as to ensure their availability, integrity, and reliability;
- communicating or disclosing critical cyber and related information to help prevent, detect, mitigate, or recover from the effects of an interference, compromise or incapacitation problem related to cyber systems; and
- voluntarily disseminating critical cyber and related information to its members; federal, state and local governments; or any other entities that may be of assistance in carrying out the purposes specified above.
ISAO SO publications are documents authored by the ISAO SO working groups using an open and transparent consensus-driven development process. These documents focus on specific topics to meet the needs of information sharing organizations.
The ISAO SO has published 13 voluntary guideline documents since September 2016 on ISAO.org. These publications were developed with the support of over 160 industry experts to provide guidelines for effective information sharing and analysis related to cybersecurity risks, incidents and best practices. Below are recently published documents.
ISAO is the more general term.
An Information Sharing and Analysis Organization (ISAO) is any group of individuals or organizations established for purposes of collecting, analyzing and disseminating cyber or relevant information in order to prevent, detect, mitigate, and recover from risks, events or incidents against the confidentiality, integrity, availability and reliability of information and systems.
An Information Sharing and Analysis Center (ISAC) is a type of ISAO that focuses on the critical infrastructure sector.
When originally developed, ISACs were created to help critical infrastructure owners and operators protect their facilities, personnel and customers from cyber and physical security threats and other hazards. Currently, the terms ISAO and ISAC are commonly used interchangeably, whether an information sharing organization targets critical infrastructure or not.