National Defense Information Sharing and Analysis Center (NDISAC) working groups provide a collaborative environment for NDISAC members to share expertise, best practices, threat information, and mitigation techniques, as well as discuss standards, tools and policies based on the needs of the members.

Working groups members are encouraged to meet on a regular basis, as well as attend NDISAC events for in-person collaboration to provide strategic guidance, industry context, and subject matter expertise.

All working groups have a dedicated space in the NDISAC portal for group collaboration and to use as a document repository. Working groups also have a personalized NDISAC staff member to assist with start-up and administrative questions. NDISAC will also help each working group to define a scope, target membership, and a set of deliverables.


NDISAC working groups are member driven, and as such, are comprised of dedicated members who volunteer their time and talent to assist with sector specific topics and deliverables in support of NDISAC goals and objectives. All working groups have a designated working group lead to facilitate discussions and ensure working groups are creating
deliverables for both external use and NDISAC-only.

Working Group Portal

NDISAC working groups utilize the NDISAC portal to share information, mitigation techniques, best practices and threat information. The NDISAC portal is also used to track virtual and in-person meetings, and is repository for any internal and external facing deliverables. Each working group is provided with a baseline working group area which includes:

  • Discussion forum
  • Document library
  • Knowledge base
  • Calendar

All NDISAC members have access to the working groups portals, however, working groups are able to restrict access to members-only depending on specific working group requirements. Additional working group needs, such as a customized working group space, are available upon request.


NDISAC working groups create internal-only and external facing content. All external facing content will be approved by the working group prior to any release. Common NDISAC working group deliverables include:

  • Tips and best practices
  • Guidelines
  • Standards and policies
  • Identifying topics/presentations for
    relevant upcoming NDISAC events

Trusted Environment

Trust is essential to creating an active collaborative environment. Members are governed by a mutually exercised non-disclosure agreement, and have the confidence that data shared and context discussed is not subject to further dissemination. Employing the Traffic Light Protocol (Red, Amber, Green, White) ensures that only NDISAC members will receive information classified Amber or above.

As a result, NDISAC working group threat sharing and collaboration occurs with an exceptional degree of trust, candor, and cooperation; and is undertaken with full confidence that all information shared and mitigation strategies discussed will not be attributed beyond the trusted environment without working group approval. This provides mutuality of trust, as well as an immediate perspective of the trustworthiness and value of the data shared based upon its attributed source.

NDISAC Working Groups

NDISAC is constantly identifying new working groups to meet member needs. New working groups are established based on NDISAC member requirements or formed from discussions at NDISAC hosted events. All new working groups are reviewed by NDISAC staff and approved by the NDISAC Board of Directors before they are recognized as a NDISAC working group. For a list of current NDISAC working groups, please visit our website: www.ndisac.org/dev/workinggroups

Copyright© NDISAC 2019