Did you know ND-ISAC hosts over 23 working groups focused on cyber operations, threat intelligence, compliance/risk management, and engineering? During the past three years the ND-ISAC working group program has evolved from meetings of peers, to collaborative work environments where teams of subject matter experts combine to share security best practices, support cyber/technology program maturity, and share operational threat information. The multiple working groups provide the ND-ISAC community exclusive content that helps members refine and enhance different aspects of their security posture. Below are two examples of content our working groups produced in 2020 and their plans for 2021.
The Red Team Working Group recently announced the publication of the Red Team Maturity Matrix (RTMM) to the ND-ISAC community. For the past 6 months the working group has been busy capturing best practices and experience of subject matter experts to describe the different levels of maturity that Enterprise Red Teams can aspire to. The RTMM breaks maturity down into four distinct levels measured across a team’s people, organization, process, technology, and operations. It provides a starting structure and some key areas to consider as a security organization crafts or refines its vision of a Red Team. These lessons and the maturity matrix structure are relevant to other parts of the team, as the entire security organization matures and individual teams begin to more closely support each other’s operations. The Red Team Maturity Matrix is available to members within the ND-ISAC secure portal.
The Vulnerability Management Working Group focuses on emerging threats and vulnerabilities. During each of their bi-weekly meetings member companies take turns briefing on current vulnerabilities and mitigation strategies. Their reports to the working group open dialogue for more in-depth conversations on the threat landscape and how each member company is working to mitigate/remediate vulnerabilities and risks. Their 2020 accomplishments include:
- Combined Working Teams with AppSec for Container Security; prompting a new ND-ISAC working group focusing on Container Security
- Regular sharing of Emergent Vulnerabilities, Analysis & Approach
- Approach for establishing a Vulnerability Disclosure Program
- Alignment on Risk factors used to prioritize efforts
- DFARS/CMMC relationship to Vulnerability and Asset Management
- Relationship of Incident response to Vulnerability Management
- Leveraging Threat Intel / Alignment of processes for detect & response activities
- Sharing of COVID-19 shifts in threat landscape and approach
In continuing their success the Vulnerability Management team identified goals for 2021 year:
- Supply Chain Integration for Vulnerability Management and Software Asset Management
- OT Security
- Continue to identify where they can influence CMMC/DFARS
- Managed services/governance
The ND-ISAC working groups continue to provide invaluable sources of information to our member companies. If you are interested in learning more about how you can become involved with ND-ISAC, email: firstname.lastname@example.org.