ISAC information sharing groups

The food, trade and distribution industries are closely interdependent. Similarly to other sectors, companies in these sectors strive to improve their efficiency by digitalising their operations. This is particularly evident in the strong growth of automation and robotics solutions. The FOOD SUPPLY-ISAC addresses the challenges of the digitalising operating environment among operators in the food, trade and distribution industries.

The operability of critical infrastructure requires close cooperation. Even though the number of cyber threats is on the increase, it is possible to secure the continuity of energy production, provided that secure operating methods and practices are adhered to. The energy sector information sharing group E-ISAC consists of operators in the Finnish energy sector. The group members represent electricity production and transmission as well as fuel production.

Contingency planning for cyber security risks is a central priority in the financial sector. Even though an organisation’s own capacity forms the cornerstone of cyber security, no organisation can manage alone. Therefore, banks engage in close cooperation with other banks and operators. FINANCE-ISAC shares information on the cyber threats targeted at the financial sector and on the best practices for protection against these threats.

ICT service providers are at the heart of a digital and secure society on many levels, both maintaining and enabling new services for different industries. The group consists primarily of organisations that provide services to actors critical to security of supply. The ICT-ISAC  information sharing group shares information on perceived threats and best practices to protect against cyber threats.

Telecommunications operators and Finnish authorities have engaged in determined cooperation as a response to changing cyber threats. Since telecommunications operators represent the frontline of security breach detection, it is crucial that they are able to share up-to-date information about the threats. Telecommunications operators and the National Cyber Security Centre Finland cooperate closely to resolve and prevent information security incidents. ISP-ISAC, the information sharing group for the cyber security matters of telecommunications operators, is participated in by parties essential to the functionality and security of communications networks, such as telecommunications operators, authorities and organisations that maintain internet connection points.

The CHEMISTRY-ISAC formed by chemical and forest industry companies focuses extensively on the various phenomena and areas of cyber security. Information security in the sector is linked to employees’ security competence as well as the security of automated systems. CHEMISTRY-ISAC enables information exchange among the sector’s companies in matters related to common threats, problems and challenges.

Businesses in the real estate and construction sector have developed their activities with a strong focus on digitalisation. As a result, cyber security has become an increasingly important part of the overall security of these companies. The KIRA-ISAC information sharing group for the real estate and construction sector enables the exchange of information about general cyber threats and those that concern specifically the sector in question. The group brings together a wide range of organisations, providing as extensive a picture of the sector as possible.

The activities of high-technology companies are centred on innovation and advanced expertise. Protecting intellectual property and intellectual capital poses specific challenges for cybersecurity. The HITECH-ISAC information sharing group includes companies operating in the high-tech and deep-tech sectors. The group aims to take into account issues related to the specific operating environments of these companies.

Municipalities are responsible for organising hundreds of statutory services and are thus a vital part of civil society. Therefore, it is important that municipal services work and that municipalities are also able to respond to cyber threats. In the MUNICIPALITY-ISAC information sharing group, municipal representatives can share information on threats to the municipal sector and best practices for protecting against cyber threats.

The future of transport is characterised by intelligent transport, 5G networks, autonomous vehicles and drone transportation. Awareness of and preparedness for the threats brought by new technology contributes to the utilisation of the technology. In addition, reliable and functional information systems are already crucial for the management of logistics chains, traffic control and passenger services. L-ISAC shares information on threats, information security incidents and phenomena related to logistics and transport as well as analyses their impacts and the related protection methods across transport modes.

The defence system as a whole is not the responsibility of the Finnish Defence Forces alone, but encompasses a broad network of companies operating across different sectors of society. MIL-ISAC is a cross-sectoral information sharing group that brings together companies, the Finnish Defence Forces and the National Cyber Security Centre Finland. Through cooperation, the group seeks to strengthen the capability of the defence system as a whole to operate in both normal and emergency conditions.

The media sector is typically less restrained about the deployment of new technologies than many other industries. In addition, media companies use various software and services specific to their sector. These products and their cyber security solutions are familiar to fewer operators, and each company in the sector has their own methods for using the software and services. MEDIA-ISAC information sharing group discusses ideas and viewpoints confidentially among cyber security experts of the media sector and seeks solutions to common problems and timely challenges.

Digitalisation progresses at a fast pace also in the social welfare and health care sector. As a result, risk management and information exchange in the sector are increasingly important. The ISAC group for the social welfare and health care sector was established to enable information sharing among the sector’s operators and to improve their capacity to protect themselves against cyber threats and risks.

One of the key objectives of the ISAC group for authorities is to ensure a secure digital future. The group enables discussing various projects, phenomena and measures in a confidential, extensive manner that would not otherwise be possible. The situational picture created cooperatively enables responding to minor and major threats alike. The central government’s ISAC activities are participated in by approximately 50 organisations.

There are numerous similarities in the operation of water management sector operators regardless of their geographical distribution across Finland. Information sharing provides remarkable benefits to the sector. For example, questions related to automated systems and their protection are essential in the water management sector. The ISAC group for water management was established in 2018 as part of the National Emergency Supply Agency’s KYBER 2020 programme. The programme also involved producing assessment methods and instructions for automation managers and other experts responsible for their organisation’s cyber security matters in order to enable various establishments to estimate the state and development needs of their cyber security practices from the perspectives of both automated systems and purchased services.