Overview and Mission
The Multi-State Information Sharing and Analysis Center (MS-ISAC), a division of the Center for Internet Security (CIS), is the focal point for cyber threat prevention, protection, response, and recovery for the nation’s state, local, tribal, and territorial (SLTT) governments.
The mission of the MS-ISAC is to improve the overall cybersecurity posture of the nation’s SLTTs governments through focused cyber threat prevention, protection, response, and recovery.
The MS-ISAC provides a central resource for gathering information on cyber threats to critical infrastructure and two-way sharing of information between and among public and private sectors to identify, protect, detect, respond and recover from attacks on public and private Critical Infrastructure (CI). The MS-ISAC’s 24-hour Security Operations Center (SOC) monitors, analyzes, and responds to cyber incidents targeting SLTT government entities. The SOC provides real-time network monitoring and notification, early cyber threat warnings and advisories, and vulnerability identification and mitigation.
The MS-ISAC comprises representatives from SLTTs. The MS-ISAC has built and nurtured a trusted environment between and among our nation’s SLTTs by providing direct access to cybersecurity advisories and alerts, vulnerability assessments, and incident response for entities experiencing a cyber threat, secure information sharing through the Homeland Security Information Network (HISN) portal, tabletop exercises, a weekly malicious domains/IP report, multiple DHS initiatives, CIS SecureSuite Membership, MS-ISAC National Webinar, and more.
The MS-ISAC works closely with the Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and is recognized as the national Information Sharing and Analysis Center (ISAC) for SLTT cyber readiness and response coordination.
The MS-ISAC also works closely with other partner organizations, such as the National Council of ISACs, the National Governors’ Association, the National Association of State Chief Information Officers, and fusion centers, as well as other public and private sector entities to build trusted relationships to further enhance our collective cybersecurity posture.
Principles of Conduct
The MS-ISAC is operationally focused and achieves its actions through:
As part of MS-ISAC membership and in order to achieve a higher state of readiness and resilience to help protect our critical infrastructure, each MS-ISAC Member will be guided by the following principles of conduct in all of their MS-ISAC interactions:
- Agree to the above-stated common Mission.
- Agree to the MS-ISAC’s philosophy of collaboration and cooperation and work collaboratively with all entities within their organization to promote the collective mission of the MS-ISAC.
- Agree to share appropriate information between and among peer MS-ISAC Members to the greatest extent possible.
- Agree to collaborate and share across the critical sectors to reduce traditional stovepipes, minimize barriers, and foster our collective MS-ISAC mission.
- Agree to recognize the sensitivity and protect the confidentiality of the information shared and received in the MS-ISAC, taking all necessary steps and at least the same or similar precautions to protect information from others as is taken to protect your own sensitive information.
- Agree to transmit sensitive data to other Members-only through the use of agreed-upon secure methods.
- Agree to take all appropriate steps to help protect critical infrastructure.
MS-ISAC Organizational Membership
There shall be two categories of MS-ISAC membership. An organization shall be eligible for MS-ISAC membership provided the organization meets the following requirements for one of those two categories:
- An MS-ISAC Member is an SLTT government or a not-for-profit organization dedicated solely to supporting SLTT functions or organizations.
- MS-ISAC Members can include individuals from either the cybersecurity, physical security, or related departments of SLTT organizations.
- MS-ISAC Member organizations must accept and agree to the MS-ISAC Membership Terms and Conditions or execute an MS-ISAC Membership Agreement.
MS-ISAC Supporting Membership
- An MS-ISAC Supporting Member is a contractor that is sponsored by an MS-ISAC Member who has been hired by that MS-ISAC Member to directly support the operations and/or maintenance of MS-ISAC Member SLTT information technology systems.
- MS-ISAC Supporting Members must:
- Be sponsored by an MS-ISAC Member receiving their services.
- Execute the MS-ISAC Supporting Membership Agreement.
- Be validated by the MS-ISAC staff as eligible for Supporting Membership.
- Annually certify their continuing eligibility for Supporting Membership.
- Notify the MS-ISAC Executive Secretariat when they are no longer eligible for MS-ISAC Supporting Membership.
- MS-ISAC Supporting Members may receive information distributed to MS-ISAC Members including educational materials, event notifications, and warnings.
- Supporting Members are not:
- Permitted to share information gained through the MS-ISAC membership that is not available to the general public.
- Entitled to other MS-ISAC Member services, including, without limitation, incident response services (unless requested by an SLTT entity), federally funded products and services, MS-ISAC Member requested research and published educational awareness materials.
- Entitled to vote as an MS-ISAC Member on any item brought forward for MS-ISAC Membership vote.
- Entitled to serve as an Executive Committee Member.
- Member: refers to any individual from either a MS-ISAC Member or Suporting Member.
- Primary Member: the designated individual point of contact (POC) for an organization.
- Chair: this individual is appointed by the president of the Center for Internet Security, Inc. Chair directs the day-to-day functions of the MS-ISAC and coordinates activities and funding with the Federal Government.
- MS-ISAC Executive Committee (EC) Member: refers to a MS-ISAC Member who is elected by the SLTT membership to assist in governance for the MS-ISAC.
- Formal vote: refers to an official vote for which it is announced in advance that votes will be counted. This may occur during the course of a meeting or via email balloting.
Designated, Elected, and Appointed Individual Members
There shall be two categories of individuals participating in MS-ISAC activities as designated by MS-ISAC Members and MS-ISAC Supporting Members. These are MS-ISAC Individual Members and MS-ISAC Primary Members.
MS-ISAC Individual Members
- MS-ISAC Members and Supporting Members may designate individuals within their organization to participate in MS-ISAC meetings and activities and to have access to MS-ISAC data suitable for their organizational membership category. Individuals so designated are referred to as MS-ISAC Individual Members.
- MS-ISAC Members and Supporting Members may designate as many MS-ISAC Individual Members as it deems appropriate to participate in MS-ISAC meetings and events, and to have access to MS-ISAC data and collaborative activities.
- The MS-ISAC shall maintain a roster of all MS-ISAC Individual Members.
MS-ISAC Primary Members
- Each MS-ISAC Member may appoint (2) two Primary Members to officially represent them on the MS-ISAC. One of these Members must be the Chief Information Security Officer or any such individual identified as being responsible for cybersecurity duties for the SLTT.
- Each MS-ISAC Supporting Member may similarly appoint (2) individuals to officially represent them on the MS-ISAC. One of these Supporting Members must be directly responsible for providing services or systems to an MS-ISAC Member.
MS-ISAC Elected or Appointed Members
- Elected by MS-ISAC Primary Members to serve as an Executive Committee Member.
- Elected by the Executive Committee when serving as an Executive Committee Member to serve as its Chair.
- Appointed to fulfill a vacant Executive Committee Member seat or to fill a designated seat on a subcommittee or working group by the MS-ISAC Chair in coordination with the MS-ISAC Executive Secretariat.
MS-ISAC meetings are open to all MS-ISAC Individual Members unless restrictions are otherwise published. The MS-ISAC Chair, in consultation with the MS-ISAC Executive Secretariat, will determine when records, artifacts, or minutes of MS-ISAC meetings may be released beyond the MS-ISAC membership.
MS-ISAC Executive Committee, Subcommittees, and Working Groups
MS-ISAC Executive Committee
- There shall be a sixteen (16) Member MS-ISAC Executive Committee to advise the MS-ISAC Chair and MS-ISAC Executive Secretariat on the strategic direction of the MS-ISAC and to guide MS-ISAC working groups and subcommittees towards the successful execution of their deliverables and activities.
- Any MS-ISAC Individual Member serving as an official or an employee of an SLTT may be nominated to serve on the Executive Committee.
- Nominees are voted upon by MS-ISAC Primary Members within the SLTT segment of the vacant seat being voted upon.
- There may only be one individual Member per MS-ISAC Organizational Member elected to the Executive Committee.
- The MS-ISAC Executive Committee shall consist of:
a. The MS-ISAC Chair (elected by and from the Executive Committee)
i. The MS-ISAC Chair shall
- Call and preside over Executive Committee meetings.
- Approve Executive Committee meeting agendas.
- Direct the functions of the MS-ISAC Executive Committee.
- Ensure the Executive Committee acts in all manners with professional objectivity, ensuring appropriate focus and attention is afforded to all MS-ISAC SLTT segments and Member organizations.
- Guide the Executive Committee in providing strategic guidance regarding the MS-ISAC and SLTT community to the senior executive leadership of CIS, DHS/CISA, and other key partners as necessary.
- Create Executive Committee subcommittees to research, investigate and inform the Executive Committee on matters of relevance to MS-ISAC Membership and the SLTT community.
- Cast the tie-breaking vote when the Committee’s voting quorum is equally divided.
b. 7 (Seven) Members from state/territory governments
c. 5 (Five) Members from local government of which:
i. a minimum of 2 (two) will be from county government.
ii. the remaining 3 (three) may be from city, county, or represent other local government interests including K-12 or critical infrastructure.
d. 2 (Two) Members from tribal governments.
e. 2 (Two) Members from fusion centers.
6. MS-ISAC Executive Committee Member Terms shall be 3 (Three) years, during which any Executive Committee Member may serve a term as MS-ISAC Chair for 2 (Two) year term. In the case where the MS-ISAC Chair’s Executive Committee membership expires, the Chair must seek and be elected for continued Membership or forfeit the remainder of the term as MS-ISAC Chair.
7. MS-ISAC Executive Committee Members will be voted in by a majority of the votes received as follows:
a.MS-ISAC State and Territorial Primary Members will only vote for state and territorial Executive Committee vacant seats.
b.MS-ISAC Local Primary Members will only vote for local government Executive Committee vacant seats.
c.MS-ISAC Tribal Government Primary Members will only vote for tribal government Executive Committee vacant seats.
d.MS-ISAC Fusion Center Primary Members will only vote for Fusion Center Executive Committee vacant seats.
e. Only MS-ISAC Executive Committee Members will vote for the MS-ISAC Chair.
8. If an Executive Committee Member vacates their seat prior to the end of their term, the vacated seat will be filled by appointment of the MS-ISAC Chair from a list of appropriate candidates provided by the MS-ISAC Executive Secretariat.
9. The Executive Committee will vote on matters brought to its attention or identified within its deliberations. Each Committee Member will have one vote on matters presented by the MS-ISAC Chair for a Committee vote. The MS-ISAC Chair may not vote unless there is a required tie-breaking vote.
10. The Executive Committee will meet by phone/webcast or in person or as otherwise determined by the MS-ISAC Chair. Unless the Committee is meeting in executive session, meetings may be attended by MS-ISAC staff and invited guests. Closed session Executive Committee meetings are restricted to Executive Committee members and, as deemed necessary by the MS-ISAC Chair, MS-ISAC Executive Secretariat support. Executive Committee Member attendance at meetings cannot be delegated to other individuals in their organization.
11.Executive Committee Members are ambassadors of the MS-ISAC who promote and support the MS-ISAC, its Members, and its collective mission by participating in activities of the MS-ISAC and by encouraging other Members to actively participate in the MS-ISAC.
12.Executive Committee membership requires active participation to oversee the MS-ISAC mission. Committee Members must maintain active participation in Committee meetings and responsiveness to correspondence requiring their review and response. Committee Members may be subject to removal from their position by the MS-ISAC Executive Secretariat in coordination with the MS-ISAC Chair as a result of a sustained pattern of nonparticipation.
MS-ISAC Executive Committee Emeritus Member
The MS-ISAC gains significant value, experience, knowledge, and continued synergy with Member(s) appointed to Emeritus status. Past MS-ISAC Members who served the MS-ISAC Executive Committee with outstanding leadership and consistent efforts now are honored in continuing their outstanding efforts and their passion in holding this status as an honor that supports the Mission of the MS-ISAC.
To obtain Emeritus Member status for the MS-ISAC Executive Committee, the individual must have been a Member of the MS-ISAC Executive Committee for a minimum of two-elected terms. This status is confirmed and appointed by the MS-ISAC Chair.
- The term of an MS-ISAC EC Emeritus Members is a 1 (One) year term approved by the MS-ISAC Chair and will be annually reviewed for renewal during the Executive Committee elections cycle.
- The Emeritus Members are not voting Members.
- Emeritus Members shall be active ambassadors for the MS-ISAC by promoting and supporting its mission, by participating in reporting and other activities of the MS-ISAC, and by encouraging other Members to participate in the activities of the organization.
- Emeritus Members will assist in providing the Executive Committee guidance and insight on all aspects of Executive Committee activity.
MS-ISAC Executive Secretariat
There shall exist an MS-ISAC Executive Secretariat, appointed by CIS leadership to provide the organizational coordination, governance assistance, and administrative and logistical support necessary to accommodate the MS-ISAC activities and responsibilities identified within this charter.
Working Groups and Subcommittees
The MS-ISAC may establish working groups among the MS-ISAC Membership, or subcommittees of the Executive Committee to conduct specific activities that are aligned to the overall vision and mission of the MS-ISAC and that benefit MS-ISAC Members and the SLTT community.
Any changes made to this charter will be done by a majority vote of the EC Members voting.
- Original Charter Adopted October 2004
- Updated version adopted September 2009
- Updated version adopted March 2013
- Updated version adopted May 06, 2014
- Updated version adopted December 27, 2015
- Updated version adopted September 24, 2018
- Updated version adopted January 22, 2019
- Updated version adopted August, 17, 2021