The oil and gas industry this week announced they have launched an Information Sharing and Analysis Center (ISAC) specifically to help companies in this sector work more closely to share threat intelligence and mitigation knowledge.
“To protect our nation’s critical infrastructure, the Oil and Natural Gas Information Sharing and Analysis Center (ONG-ISAC) is being created to provide shared intelligence on cyber incidents, threats, vulnerabilities, and associated responses present throughout our industry,” the ONG-ISAC website states.
The newly formed coalition notes that in the first half of 2013, ICS-CERT addresses over 200 incidents across all critical infrastructure sectors, and more than of those incidents were targeting the energy sector.
“As cyber threats evolve, the oil and natural gas industry faces unique challenges with the increasingly interconnected delivery of services to a common consumer and supplier base,” ONG-ISAC says.
The organization is structured around four basic principles, including anonymization of data submitted, authentication of the shared intelligence, that it will remain industry owned and operated, and that it will be exempt from Freedom of Information Act requests for data, which federal government agencies are subject to.
Members will receive:
- Guided, anonymous information sharing via a secure web portal
- Automated sharing of machine-readable threat indicators
- Real-time notifications for near real-time analyses
- Open access to community leaders and security analyst experts
- Discover threats and vulnerabilities from ONG-ISAC members, other ISACs, vendors, and the U.S. Government, all in one place
- Coordinated response between members during industry incidents
Annual fees for membership range from just $2,000 on up to $50,000, depending on the annual revenues of the company.
Read More Here…