States take step toward sharing cyberthreat data

Thirteen states, led by New York, last weekend conducted a communications exercise that could lead to a new, multistate information sharing and analysis center.

The ISAC, which would pool cyberthreat data gathered by states, is led by William Pelgrin, director of the New York City Office of Cyber Security and Critical Infrastructure.

No formal center exists yet, however. During the dry run, participating states reported to a central location any suspicious activities they monitored on the Internet over the Presidents Day weekend

"There was no malicious activity," said Mike Russo, chief information security officer in Florida's state technology office. "The exercise was about the communications and working relationships with the other states."

Russo said Florida was invited to participate "because of some of the work we're doing in the cyber area." Starting in May 2001, the state has been auditing its agencies' networks to establish a security baseline and set policy for disaster recovery and training.

"Since Sept. 11, we have accelerated," Russo said. "I think we've made progress."

Because sharing information about security threats and vulnerabilities is seen as essential to protect the nation's critical infrastructures, the federal government has encouraged the creation of ISACs to share information in commercial sectors such as banking, public utilities and IT. It also encourages information sharing with federal agencies.

The ISACs serve as central collection points where data can be gathered and evaluated. Most such information is sanitized before distribution because of participating organizations' liability concerns.