NDISAC Working Groups

Capabilities, Processes & Readiness (CPR) Working Group

The NDISAC Capabilities, Processes & Readiness (CPR) Working Group assists small/medium sized companies grow or develop cybersecurity capabilities by producing and discussing general security best practices. Members discuss effective threat intelligence sharing and develop procedures, processes and tips to help build threat intel and IR teams. Additionally, the working group works on security tool development and suggestions and general awareness to prepare for an incident (proactive instead of reactive).

Members for the CPR Working Group include those within their organization who have experience with incident response and/or threat intelligence, knowledge of their organizational security capabilities, and the ability to influence (or discuss with someone who can influence) security decisions within their organization. If you are interested in learning more or becoming a member of the CPR Working Group contact info@ndisac.org.

Insider Threat Working Group

The Insider Threat Working Group develops and publishes cyber operational strategies and best practices with respect to a wide-range of business and risk objectives in response to cyber security threats, attacks, and vulnerabilities. This working group reviews threat intelligence from member companies and other sources, with an analytical focus on threat and risk rather than any specific threat actor.

The Insider Threat Working Group welcomes new members who have experience with insider threats, including: SMEs, cybersecurity leads, and managers. If you are interested in learning more or becoming a member of the Insider Threat Working Group contact info@ndisac.org.

Operational Technology (OT)/Internet of Things (IoT) Working Group

The OT/IoT Working Group focuses on OT and IoT technologies with physical consequences or implications. This peer collaboration group defines standards, approaches, and guidance toward appropriate security of OT and IoT spanning a variety of business integrations (ICS, SCADA, site logistics, IoT, and other cyber-physical solutions); produces and discusses cyber-physical security best practices; and educates members on risks inherent in OT applications.

Members include those within their organization who work directly with security solutions for OT/IoT with physical implications, understand the foundational aspects of computing technologies, and have the ability to influence (or discuss with someone who can influence) security decisions within their organization. If you are interested in learning more or becoming a member of the OT/IoT Working Group contact info@ndisac.org.

Social Media Security Working Group

The Social Media Security Working Group focuses on initial techniques and best practices for social media monitoring as well as helping members realize and recognize when there is a problem with social media, including:

  • Adversary targeting of employees
  • Sending messages to employees via social media
  • Social engineering practices
  • Malware delivery
  • How to possibly identify and alert on exfiltration of data

Social media security is the “new/next frontier” targeting and attack vector, that has the possibility of hitting almost every kill chain phase within an organization. It is an area that security teams are just starting to learn how to deal with. The working group allows organizations to come together and discuss ideas and share knowledge about social media security.

Members include those within the organization who have the ability to initiate a social media monitoring program and those who understand how their network is setup. If you are interested in learning more or becoming a member of the Social Media Security Working Group contact info@ndisac.org.