North Carolina Information Sharing and Analysis Center (NC-ISAC)
The mission of the North Carolina Information Sharing and Analysis Center (NC-ISAC), consistent with the objectives of the National Strategy to Secure Cyberspace, is to provide a common mechanism for raising the level of cybersecurity readiness and response in state and local governments. The NC-ISAC provides a central resource for gathering information on cyber threats to critical infrastructure from state agencies and providing two-way sharing of information between and among the state agencies and with local government where permissible.
- Disseminate early warnings of cyber system threats
- Share security incident information
- Provide trending and other analysis for security planning
- Distribute current proven security practices and suggestions
- Promote awareness of the interdependencies between cyber and physical critical infrastructure, as well as between and among the different sectors
The NC-ISAC is operated by the North Carolina Department of Information Technology (DIT), Enterprise Security and Risk Management Office (ESRMO) Information Protection team at the direction of the State Chief Information Officer (SCIO) and State Chief Information Security Officer. The Information Protection team is strategically aligned to facilitate NC-ISAC coordination as the primary abuse complaint receiver and single point of contact with law enforcement on all DIT-operated and assigned network IP addresses. The NC-ISAC Information Protection team is also responsible for cybersecurity incident response within the executive branch of state government, as well as the timely dissemination of cybersecurity threats and warnings.
- Distribute cybersecurity advisories and bulletins
- Cyber incident response and assistance to NC-ISAC members
- Operate NC-ISAC secure website
- Participate in cyber exercises such as the national Live Wire and Cyber Storm exercises
- Adhere to cyber incident reporting statutes
- Support and promotion of National Cybersecurity Awareness Month
- Access to the NC-ISAC Contacts Database through the US-CERT web portal
- Distribution of tools, software, and brochures provided by the MS-ISAC
- Represent all NC-ISAC members at the yearly meeting of the MS-ISAC
- Collaboration with third parties when necessary on behalf of the NC-ISAC
NC-ISAC Cyber Analysis Center
The NC-ISAC Cyber Analysis Center receives, vets, and correlates information about vulnerability, threat and other significant cyber-related events. Relevant and significant information is then redistributed to the entire membership. Before redistribution, information is analyzed to incorporate a “value add” – in other words, incorporation of additional information regarding mitigation strategies or interim steps that can be taken to protect the infrastructure. These advisories are then distributed to the members.
NC-ISAC Common Cyber Alert Level Procedures
The NC-ISAC has adopted a common Cyber Alert Indicator Protocol to ensure consistency in cyber alert levels across members. This protocol provides an indication that a member who has posted their cyber alert level at “Guarded” has met certain criteria that meets this cyber alert level.
NC-ISAC Cybersecurity Incident Reporting Procedures
By General Statute, State Executive Branch agencies are required to report cybersecurity incidents to the State Chief Information Officer. Information from these reports is used to provide trending on cybersecurity threats as well as determine the need to notify NC-ISAC members of possible large scale malware outbreaks or cyberattacks. Monthly reports listing all reported cybersecurity incidents are provided to the Office of the State Auditor in compliance with an agreement between the State Chief Information Officer and the State Auditor.
Non-executive branch members of the NC-ISAC may voluntarily report cybersecurity incidents if they feel the information will be a benefit to all members for trending purposes or if the member needs assistance from the NC-ISAC to facilitate passing the information to the Multi-State ISAC for complete analysis. Any information received through voluntary or mandatory reporting will be redacted to eliminate the possibility of identifying the submitter if the information is deemed valuable from an awareness standpoint and redistributed to all NC-ISAC members.
Report Cybersecurity Incidents
- Contact the Information Protection Team:
Albert Moore 919-754-6245
Michael McCray 919-754-6295
Jason Quinn 919-754-6582
Group E-Mail (firstname.lastname@example.org)
- Contact our Service Desk for immediate assistance: