O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a navegar o site, você aceita o uso de cookies. Leia nosso Contrato do Usuário e nossa Política de Privacidade.
O SlideShare utiliza cookies para otimizar a funcionalidade e o desempenho do site, assim como para apresentar publicidade mais relevante aos nossos usuários. Se você continuar a utilizar o site, você aceita o uso de cookies. Leia nossa Política de Privacidade e nosso Contrato do Usuário para obter mais detalhes.
Building the Next Generation ISAC-- A Blueprint for Success
Booz Allen Hamilton is a
leading provider of management
consulting, technology, and
engineering services to the
US government in defense,
intelligence, and civil markets,
and to major corporations,
institutions, and not-for-profit
organizations. Booz Allen is
headquartered in McLean,
Virginia, employs approximately
23,000 people, and had revenue
of $5.76 billion for the 12 months
ended March 31, 2013. In 2014,
Booz Allen celebrates its 100th
anniversary year. To learn more,
About Booz Allen Hamilton
Building the Next Generation
ISAC—A Blueprint for Success
Information Sharing as a Critical Asset
Cyber-attacks have leveled the playing field for today’s businesses, encouraging industries to collaborate and
share cybersecurity information. As threats evolve, companies rely on their peers and competitors to better
understand common challenges presented in the evolving threat environment and to learn how they can work
together to remediate and protect their critical infrastructure. To be more effective at both the business and
industry level, Information Sharing and Analysis Centers (ISAC) have become key players in strengthening an
industry’s resistance to and resilience after cyber-attacks. ISACs provide a trusted environment for members
to share information during both steady-state and crisis operations and to decrease overall cybersecurity risk.
At Booz Allen Hamilton, a leading strategy and technology consulting
firm, our experience working on the most sophisticated national security
threats has given us superior visibility into the landscape of emerging
cyber challenges within both the government and commercial industry
sectors. We work to fully understand your unique cybersecurity challenges
and tailor solutions so that you can act decisively. Building an ISAC
requires the acumen and knowledge in understanding a complex threat
environment and the expertise in how to share critical information and
navigate collaboration with both industry partners and government
entities. Given our experience and record of success, we can apply a
unique approach to building and growing ISACs across various critical
Booz Allen’s ISAC Organizational Blueprint
Experience shows us that there are foundational building blocks
necessary to create successful information sharing and analysis
organizations. Whether yours is a new ISAC or an existing ISAC looking
to mature, the five key building blocks—Governance, Policy, Technology,
For more information, contact
Culture, and Economics—ensure the solid foundation required for successful implementation. We ask
questions such as:
• Policy: Who is eligible for membership?
• Governance: How will the ISAC be governed and does it have a strong leader with the right
industry and functional cybersecurity skills to oversee day-to-day operations?
• Technology: What mechanisms exist to manage identities, authorize and authenticate users,
and ensure confidentiality?
• Culture: Has the ISAC created a trusted environment where members feel comfortable
• Economics: How will the ISAC be funded and measure success?
We have seen these building blocks emerge via a five-phase process that engages key industry
partners from inception to maturity.
As ISACs mature, Booz Allen can provide support across three focus areas: management, operations,
Booz Allen recognizes the importance of an ISAC to:
• Create a trusted environment to quickly detect or respond to threats before they affect
• Learn from others to decrease your overall risk, increase safety, and avoid revenue loss
• Protect your reputation and serve as an industry leader out in front of attackers
• Access pertinent information to avoid data overload and make timely decisions
Client Success Stories
• Startup Project Management: Booz Allen partnered with the oil and natural gas subsector to
create an ISAC to strengthen the industry.
• Cyber Threat Sharing: Booz Allen supported the Defense Information Systems Agency and DoD
Chief Information Officer in the development, accreditation, and sustainment of the Defense
Industrial Base Network Portal environment (DIBNet) to allow DIB companies and the U.S.
Government to exchange cyber threat and incident information.
• Enhancement Through Wargaming: Booz Allen joined forces with the financial services industry
to conduct simulations and evaluate industry response to cybersecurity risks and incidents.
ISAC FOCUS AREAS BOOZ ALLEN SUPPORT
• Advisory services
• Conference and webinar support
• Member management
• Cybersecurity roadmaps
• Project management
• ISAC start-up support
• Stafﬁng support
• Subject matter expertise
• Threat intelligence
• Forensics & malware analysis
• Simulations and exercises
• Industry benchmarking
• Vendor benchmarking
• Onsite incident response
and recovery support
• Strategic communications
• Development of secure
• Incident response plans
• System/ﬁrewall support
• Intrusion detection
• Industry best practices