Included in MS-ISAC® Membership at no cost
Security Operations Center
The MS-ISAC operates within the SOC, which is a 24x7x365 joint security operations and analytical unit that monitors, analyzes and responds to cyber incidents targeting SLTT government entities. The SOC provides real-time network monitoring and notification, early cyber threat warnings and advisories, and vulnerability identification and mitigation.
The SOC disseminates short and timely emails containing technical information regarding vulnerabilities in software and hardware.
Malicious Domain Blocking and Reporting (MDBR)
The Malicious Domain Blocking and Reporting (MDBR) service is offered to MS-ISAC members in partnership with the Cybersecurity and Infrastructure Security Agency (CISA) and Akamai. This service provides an additional layer of cybersecurity protection that is proven, effective, and easy to deploy. MDBR technology prevents IT systems from connecting to harmful web domains, helping limit infections related to known malware, ransomware, phishing, and other cyber threats. This capability can block the vast majority of ransomware infections just by preventing the initial outreach to a ransomware delivery domain.
Cyber Incident Response Team (CIRT)
Experiencing a cybersecurity incident? Even if your SLTT organization is not yet part of the MS-ISAC, you can reach out to us for help.
Malicious Code Analysis Platform (MCAP)
Cyber Threat Intelligence (CTI)
The CTI team collects, analyzes, and delivers actionable intelligence to operators and decision-makers responsible for defending SLTT governments. CTI maintains a curated, real-time, bi-directional indicator sharing platform which makes indicators available in the industry standard STIX/TAXII format at no cost to SLTTs and which can be integrated into local security operations. This platform is unique among the industry as it is tailored specifically for SLTTs.
Real-time Threat Indicator Feeds
MS-ISAC analysts work diligently to conduct research and gather intelligence about cyber threats targeting SLTT government and affiliated systems. The ISAC leverages both internal and external sources to create the only intelligence feed tailored for SLTTs. Carefully vetted and verified indicators, such as malicious domains and file hashes, are available for members to automate defenses within their local network. In most instances, no additional equipment is needed locally. Members have the option to choose from one or more collections.
Nationwide Cybersecurity Review (NCSR)
The NCSR is a no-cost, anonymous, annual self-assessment designed to evaluate cybersecurity maturity. The Senate Appropriations Committee has requested an ongoing effort to chart nationwide progress in cybersecurity and identify emerging areas of concern. In response, DHS has partnered with the MS-ISAC, NASCIO, and NACo to develop and conduct the NCSR.
Information Sharing, Cybersecurity Awareness, and Education
Through the Homeland Security Information Network (HSIN), MS-ISAC members can access a library of cybersecurity resources. This portal also provides contact information and allows for secure email and document sharing.
Access the HSIN portal. Everything we do at CIS centers around collaboration with other cybersecurity experts. In the MS-ISAC, working groups comprised of dedicated MS-ISAC partners get together to share their ideas and experiences. Learn more about MS-ISAC Working Groups
By working with MS-ISAC members and other cybersecurity partners around the country, MS-ISAC also provides:
- Cybersecurity table-top exercises
- Annual Best of the Web contest
- MS-ISAC Toolkit
- Weekly top malicious domains/IP report
- Annual National Cybersecurity Awareness Month Poster Contest Guide and Entry Form
- Webinars: Best Practices and National webinar series examines critical and timely cybersecurity issues.
On behalf of our MS-ISAC members, CIS coordinates a variety of DHS programs and initiatives:
- Cyber Hygiene Services
- Cyber Resiliency Review, Fed VTE, NCATS, Stop.Think.Connect, and more via US-CERT
- Stop Ransomware
- Security clearances for state Chief Information Security Officers
- Regional and national security exercises
CIS SecureSuite Membership
CIS SecureSuite Membership gives organizations around the world access to a collection of integrated cybersecurity resources such as CIS-CAT Pro Assessor, remediation content, and CIS-CAT Pro Dashboard. All of these tools help users evaluate and apply secure configuration settings to laptops, servers, network devices, and more. CIS SecureSuite Membership is free for U.S. SLTT government organizations.
Deloitte’s Cyber Detect & Respond Portal
Deloitte’s Cyber Detect & Respond Portal (“Portal”) is a secure, online platform for obtaining industry-leading Cyber Threat Intelligence (CTI) for enhancing knowledge, understanding, and the ability to identify potential cyber threats & attacks and reduce enterprise cyber risk. MS- and EI-ISAC members are eligible to be given access to this resource at no cost. For any inquiries on how to utilize the portal, please head to the Portal Reference Guide.
Additional Fee Based Options
Network Security Monitoring (Albert)
One of our most popular services is the network monitoring solution known as Albert. Albert consists of an IDS sensor that gathers network data and sends it to the MS-ISAC for analysis.
Vulnerability and Risk Management
CIS provides cost-effective vulnerability management solutions for networks and web applications as well as penetration testing and phishing engagements. Some services include:
- Network discovery and mapping
- Vulnerability assessment reporting
- Testing vulnerabilities for false-positives
- Identification of high-value assets
- Prioritizing vulnerabilities based on risk
- Custom phishing campaigns
Managed Security Services (MSS)
Managed Security Services (MSS) provide 24/7 monitoring, event analysis, and notifications for multiple security devices, including:
- IDS (Intrusion Detection System) / IPS (Intrusion Prevention System)
- Web proxies
- Switches/ Routers