A community of security professionals working together to defend the manufacturing sector from cyber attacks.
What is MFG-ISAC?
Manufacturing Information Sharing and Analysis Center (MFG-ISAC) is a nonprofit cybersecurity threat awareness and mitigation community for small, medium and enterprise-level manufacturers in the United States. The MFG-ISAC team uses open source and proprietary intelligence to warn member companies of incoming cyberthreats and provides suggested tools and methods for prevention, remediation or recovery. Within the community, member companies are encouraged to share their own indicators and observables, best practices or advice on dealing with the many challenges the sector faces from malicious cyber activity. MFG-ISAC was launched by Global Resilience Federation, a creator and operator of ISACs in multiple sectors, with the support and guidance of CyManII.
What is the value?
MFG-ISAC allows the manufacturing industry to pool its expertise on threat awareness and management. It also allows an attack on one entity to provide early warning or cautionary education to the rest of the group. It is a secure, private place for cybersecurity teams to engage with each other for mutual defense. Streams of threat information come from other members but also from government, vendors and open sources that are collated and enriched by ISAC analysts for relevance and actionability in the community. It effectively enhances the detective footprint of an organization for a fraction of the price of another cybersecurity professional or subscription service.
What are the membership benefits?
Receive warning of cyberthreats to the industry
Engage industry peers to trust-source information and procedures for mutual defense, resilience and recovery
Share without attribution, to defend the community while protecting reputation
Access government, vendor, and partner community intel that is enriched by ISAC analysts for relevance and actionability
Join bimonthly analyst calls to discuss threats affecting the sector
Obtain best practices and advice on dealing with attacks or intrusions
Be notified by an emergency system in case of a systemic or pervasive attack to the sector
Access the MFG-ISAC collaboration platform for alerts, secure chat, a document library, and training materials
Receive special pricing on community-negotiated vendor technology, training and offerings
Access a multi-sector cooperative network offering automatic threat intelligence and IOCs from thousands of organizations around the world
“I have heard any number of excuses, but no compelling legal argument, for failing to share specific cybersecurity information between companies. If there’s a will to share, we’ve always found a legal way to share threat and vulnerability information. And, there should be a will to share.
Any company seeking validation that information sharing is broadly viewed as important and necessary, need look no further than its reference in the NIST Cybersecurity Framework, which is used by companies globally to identify, assess, and manage cyber risks.”
Steven Chabinsky
Retired Partner of Counsel | White & Case LLP
Former Head of Cyber Intelligence | FBI