Overview and Mission
The Multi-State Information Sharing and Analysis Center (MS-ISAC), a division of the Center for Internet Security (CIS), is the focal point for cyber threat prevention, protection, response, and recovery for the nation’s state, local, tribal, and territorial (SLTT) governments.
The mission of the MS-ISAC is to improve the overall cybersecurity posture of the nation’s SLTTs governments through focused cyber threat prevention, protection, response, and recovery.
The MS-ISAC provides a central resource for gathering information on cyber threats to critical infrastructure and two-way sharing of information between and among public and private sectors to identify, protect, detect, respond and recover from attacks on public and private Critical Infrastructure (CI). The MS-ISAC’s 24-hour Security Operations Center (SOC) monitors, analyzes, and responds to cyber incidents targeting SLTT government entities. The SOC provides real-time network monitoring and notification, early cyber threat warnings and advisories, and vulnerability identification and mitigation.
The MS-ISAC comprises representatives from SLTTs. The MS-ISAC has built and nurtured a trusted environment between and among our nation’s SLTTs by providing direct access to cybersecurity advisories and alerts, vulnerability assessments, and incident response for entities experiencing a cyber threat, secure information sharing through the Homeland Security Information Network (HISN) portal, tabletop exercises, a weekly malicious domains/IP report, multiple DHS initiatives, CIS SecureSuite Membership, MS- ISAC Webinars, and more.
The MS-ISAC works closely with the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and is recognized as the national Information Sharing and Analysis Center (ISAC) for SLTT cyber readiness and response coordination.
The MS-ISAC also works closely with other partner organizations, such as the National Council of ISACs, the National Governors’ Association, the National Association of State Chief Information Officers, and fusion centers, as well as other public and private sector entities to build trusted relationships to further enhance our collective cybersecurity posture.
Principles of Conduct
The MS-ISAC is operationally focused and achieves its actions through:
As part of MS-ISAC membership and in order to achieve a higher state of readiness and resilience to help protect our critical infrastructure, each MS-ISAC Member will be guided by the following principles of conduct in all of their MS-ISAC interactions:
- Agree to the above-stated common Mission.
- Agree to the MS-ISAC’s philosophy of collaboration and cooperation and work collaboratively with all entities within their organization to promote the collective mission of the MS-ISAC.
- Agree to share appropriate information between and among peer MS-ISAC Members to the greatest extent possible.
- Agree to collaborate and share across the critical sectors to reduce traditional stovepipes, minimize barriers, and foster our collective MS-ISAC mission.
- Agree to recognize the sensitivity and protect the confidentiality of the information shared and received in the MS-ISAC, taking all necessary steps and at least the same or similar precautions to protect information from others as is taken to protect your own sensitive information.
- Agree to transmit sensitive data to other Members-only through the use of agreed-upon secure methods.
- Agree to take all appropriate steps to help protect critical infrastructure.
MS-ISAC Organizational Membership
An organization shall be eligible for MS-ISAC membership provided the organization meets the following requirements:
- An MS-ISAC Member is an SLTT government or a not-for-profit organization dedicated solely to supporting SLTT functions or organizations.
- MS-ISAC Members can include either the cybersecurity, physical security, or related departments of SLTT organizations.
- MS-ISAC Member organizations must accept and agree to the MS-ISAC Membership Terms and Conditions or execute an MS-ISAC Membership Agreement.
Designated, Elected, and Appointed Individual Members
There shall be three categories of individuals participating in MS-ISAC activities asdesignated by MS-ISAC Members. These are MS-ISAC Individual Members, MS-ISAC Primary Members, and MS-ISAC Elected or Appointed Members.
MS-ISAC Primary Members
- Each MS-ISAC Member may appoint (2) two Primary Members to officially represent them on the MS-ISAC. One of these Members must be the Chief Information Security Officer (“CISO”) or any such individual identified as being responsible for cybersecurity duties for the SLTT.
- The role of the Primary Member is to serve as the primary contact for cybersecurity events, alerts, and issues affecting their organization along with being the decision maker on membership and service requests.
- There shall be only 1 (one) designated voting Primary Member per state, territory, county, or tribe (“jurisdiction”). By default, this designated voting Primary Member will be the “CISO” or any such individual identified as being solely responsible for cybersecurity duties within their jurisdiction.
MS-ISAC Individual Members
- MS-ISAC Primary Members may designate individuals within their organization to participate in MS-ISAC meetings and activities and to have access to MS- ISAC data suitable for their organizational membership category. Individuals so designated are referred to as MS-ISAC Individual Members.
- MS-ISAC Primary Members may designate as many MS-ISAC Individual Members as it deems appropriate to participate in MS-ISAC meetings and events, and to have access to MS-ISAC data and collaborative activities.
- The MS-ISAC shall maintain a roster of all MS-ISAC Individual Members.
MS-ISAC Elected or Appointed Members
- Any active and contributing Individual or Primary state, territory, county, and tribal Member may be elected by MS-ISAC voting Primary Members to serve as an Executive Committee Member.
- Any active and contributing Individual or Primary Member may be appointed to fulfill a vacant Executive Committee Member seat or to fill a designated seat on a subcommittee or working group by the MS-ISAC Chair in coordination with the MS-ISAC Executive Secretariat.
MS-ISAC meetings are open to all MS-ISAC Individual Members unless restrictions are otherwise published. The MS-ISAC Chair, in consultation with the MS-ISAC Executive Secretariat, will determine when records, artifacts, or minutes of MS-ISAC meetings may be released beyond the MS-ISAC membership.
MS-ISAC Executive Committee, Subcommittees, and Working Groups
MS-ISAC Executive Committee
- The mission of the MS-ISAC Executive Committee is to serve as trusted advisors of the SLTT community while ensuring the varying needs of the community segments are captured, prioritized, and effectively communicated to the MS-ISAC, CIS, CISA, and other key partners.
- There shall be a sixteen (16) Member MS-ISAC Executive Committee to advise the MS-ISAC Chair and MS-ISAC Executive Secretariat on the strategic direction of the MS-ISAC and to guide MS-ISAC working groups and subcommittees towards the successful execution of their deliverables and activities.
- Any MS-ISAC active and contributing Individual Member or Primary Member serving as an official or an employee of an SLTT may be nominated to serve on the Executive Committee.
- Active and contributing state, territory, county, and tribal nominees are voted upon by the designated MS-ISAC Primary voting Members within the SLTT segment of the vacant seat being voted upon.
- Active and contributing local government nominees will be provided to the Executive Committee by the applicable local government community. The Executive Committee will review all nominees and select appointees.
- At Large seats are appointed by the MS-ISAC Executive Committee.
- There may only be one individual Member per MS-ISAC Organizational Member elected to the Executive Committee at any one time.
- The MS-ISAC Executive Committee shall consist of:
- The MS-ISAC Chair (elected by and from the Executive Committee)
- The MS-ISAC Chair shall
- Call and preside over Executive Committee meetings.
- Approve Executive Committee meeting agendas.
- Direct the functions of the MS-ISAC Executive Committee.
- Ensure the Executive Committee acts in all manners with professional objectivity, ensuring appropriate focus and attention is afforded to all MS-ISAC SLTT segments and Member organizations.
- Guide the Executive Committee in providing strategic guidance regarding the MS-ISAC and SLTT community to the senior executive leadership of CIS, DHS/CISA, and other key partners as necessary.
- Create Executive Committee subcommittees to research, investigate and inform the Executive Committee on matters of relevance to MS-ISAC Membership and the SLTT community.
- Cast the tie-breaking vote when the Committee’s voting quorum is equally divided.
- The MS-ISAC Chair shall
- 7 (Seven) Members from state/territory governments
- 5 (Five) Members from local government of which:
- a minimum of 2 (two) will be from county government.
- the remaining 3 (three) may be from city, county, or represent other local government interests including K-12 or critical infrastructure.
- 2 (Two) Members from tribal governments.
- 2 (Two) Members from any SLTT to serve as at Large seats.
- The MS-ISAC Chair (elected by and from the Executive Committee)
- Elected MS-ISAC Executive Committee Member Terms shall be 3 (Three) years, during which any Executive Committee Member may serve a term as MS- ISAC Chair for 2 (Two) year term. In the case where the MS-ISAC Chair’s Executive Committee membership expires, the Chair must seek and be elected for continued Membership or forfeit the remainder of the term as MS- ISAC Chair.
- MS-ISAC Executive Committee Members will be voted in by a majority of the votes received as follows:
- The designated voting member for the MS-ISAC State and Territorial Primary Members will only vote for state and territorial Executive Committee vacant seats.
- The designated voting member for the MS-ISAC tribal government Primary Members will only vote for tribal government Executive Committee vacant seats.
- The designated voting member for the MS-ISAC county Primary Members will only vote for the county government seats.
- For local government seats, outside of the two designated county seats, each local government community will provide local government nominees to the Executive Committee. The Executive Committee will review all nominees and select appointees to these vacant seats.
- Only MS-ISAC Executive Committee Members will vote for the MS- ISAC Chair.
- Only MS-ISAC Executive Committee Members will vote for the 2 (two) at Large seats which will have a 1 (one) year-term.
- If an Executive Committee Member vacates their seat prior to the end of their term, a replacement for the vacated seat will be selected from a list of appropriate candidates provided to the MS-ISAC Chair by the MS-ISAC Executive Secretariat and filled by appointment of the MS-ISAC Chair following notice and review of the full Executive Committee.
- The Executive Committee will vote on matters brought to its attention or identified within its deliberations. Each Committee Member will have one vote on matters presented by the MS-ISAC Chair for a Committee vote. The MS- ISAC Chair may not vote unless there is a required tie-breaking vote.
- The Executive Committee will meet by phone/webcast or in person or as otherwise determined by the MS-ISAC Chair. Unless the Committee is meeting in executive session, meetings may be attended by MS-ISAC staff and invited guests. Closed session Executive Committee meetings are restricted to Executive Committee members and, as deemed necessary by the MS-ISAC Chair, MS-ISAC Executive Secretariat support. Executive Committee Member attendance at meetings cannot be delegated to other individuals in their organization.
- Executive Committee Members are ambassadors of the MS-ISAC who promote and support the MS-ISAC, its Members, and its collective mission by participating in activities of the MS-ISAC and by encouraging other Members to actively participate in the MS-ISAC.
- Executive Committee membership requires active participation to oversee the MS-ISAC mission. Committee Members must maintain active participation in Committee meetings and responsiveness to correspondence requiring their review and response. Committee Members may be subject to removal from their position by the MS-ISAC Executive Secretariat in coordination with the MS-ISAC Chair as a result of a sustained pattern of nonparticipation.
Subcommittees and Working Groups
- There shall be a standing subcommittee of the MS-ISAC Executive comprised of one representative of each key or critical infrastructure or major community segment of the SLTT Community maintaining significant Member representation within the MS-ISAC (such as but not limited to K-12, Higher Education, Public Utilities, Public Health, Emergency/First Responders, Judicial Entities, Maritime/Port Authorities, Water and Waste Water Treatment, etc.). This Steering Committee shall meet as often as is prescribed by the Executive Committee to conduct such activities as necessary to apprise the Executive Committee of the unique interests and requirements of the diverse segments of the MS-ISAC Membership, and to conduct research, coordination, and other appropriate working group activities designed to enhance the value of MS-ISAC Membership and the quality and relevance of MS- ISAC capabilities for the diverse segments of the SLTT Community.
- The MS-ISAC may establish working groups among the MS-ISAC Membership, or other such subcommittees reporting to the Executive Committee to conduct specific activities that are aligned to the overall vision and mission of the MS-ISAC and that benefit MS-ISAC Members and the SLTT community.
MS-ISAC Executive Committee Emeritus Member
The MS-ISAC gains significant value, experience, knowledge, and continued synergy with Member(s) appointed to Emeritus status. Past MS-ISAC Members who served the MS- ISAC Executive Committee with outstanding leadership and consistent efforts now are honored in continuing their outstanding efforts and their passion in holding this status as an honor that supports the Mission of the MS-ISAC.
To obtain Emeritus Member status for the MS-ISAC Executive Committee, the individual must have been a Member of the MS-ISAC Executive Committee for a minimum of two- elected terms. This status is confirmed and appointed by the MS-ISAC Chair.
- The term of an MS-ISAC EC Emeritus Members is a 1 (One) year term approved by the MS-ISAC Chair and will be annually reviewed for renewal during the Executive Committee elections cycle.
- The Emeritus Members are not voting Members.
- Emeritus Members shall be active ambassadors for the MS-ISAC by promoting and supporting its mission, by participating in reporting and other activities of the MS-ISAC, and by encouraging other Members to participate in the activities of the organization.
- Emeritus Members will assist in providing the Executive Committee guidance and insight on all aspects of Executive Committee activity.
MS-ISAC Executive Secretariat
There shall exist an MS-ISAC Executive Secretariat, appointed by CIS leadership to provide the organizational coordination, governance assistance, and administrative and logistical support necessary to accommodate the MS-ISAC activities and responsibilities identified within this charter.
Any changes made to this charter will be done by a majority vote of the EC Members voting.
- Original Charter Adopted October 2004
- Updated version adopted September 2009
- Updated version adopted March 2013
- Updated version adopted May 06, 2014
- Updated version adopted December 27, 2015
- Updated version adopted September 24, 2018
- Updated version adopted January 22, 2019
- Updated version adopted August, 17, 2021
- Updated version adopted April, 19, 2022
- Updated version adopted July 19, 2022
- Updated version adopted September 19, 2022