4 min read
Previous story← Pen Testing - Does it pay to spend?
Smaller cities and counties will soon be able to more easily get free network information security monitoring.
The Public Infrastructure Security Cyber Education System, aka PISCES, is reaching out and looking for new Washington State local governments to get free network monitoring. PISCES is also publishing a two-page brochure showcasing the non-profit’s work over the past decade – see the full brochure below.
Led by CISO Mike Hamilton and a coalition of public and private stakeholders, PISCES aligns with Critical Insight's mission to protect and defend critical services through local infrastructure protection, workforce development, and cybersecurity research.
Many smaller cities and counties cannot afford threat monitoring, yet are targeted with the same attacks as large municipalities. PISCES gives them free monitoring by handing the data to students at Universities in Washington State. The cities and counties get the cyber defense they need, and students get to learn how to be cyber analysts. Mike explains the non-profit's mission and how it works in this 19-minute podcast with UberKnowledge, a cybersecurity training company with a focus on evangelization, ethics, and diversity.
Students working on protecting cities and counties use Critical Insight’s technology to look at cyber alerts. Critical Insight’s staff, including founder Mike Hamilton, lend their time to PISCES to train students. The best of those students then come to work at Critical Insight when they graduate.
"I’ve been working on PISCES for a while because I saw first-hand how vulnerable smaller communities are," notes Mike, reflecting on his time as CISO for the City of Seattle in the late 2000s. "As CISO for a major U.S. City, I had the resources to implement controls – including security event monitoring. However, as I worked with the IT leaders managing smaller local governments in the state, I saw their security programs would impact my security program, and vice versa. The origins of PISCES began from the need to share event information in real-time. After 10 years working on the partnerships necessary to integrate no-cost security monitoring for local governments with university-level cybersecurity education, we are ready to accept new local government applicants to the program."
Read on for a deep dive into the PISCES program, how it works, and why it matters for local governments, local communities, and the future of cybersecurity.
Leaders who are interested in learning more about the PISCES program can reach out to Mike Hamilton on LinkedIn. If you represent a WA State-based jurisdiction or academic institution interested in participating in PISCES, you can contact PISCES NW on their website.
PISCES—the Public Infrastructure Security Cyber Education System—is an extension of the Public Regional Information Security Event Management (or PRISEM) regional monitoring system deployed in the Puget Sound region from 2009-2013. The Cyber Security Division of the U.S. Department of Homeland Security (DHS) Science and Technology Directorate (S&T) provided the initial grant funding. Now in partnership with the DHS Cybersecurity and Infrastructure Security Agency (CISA) and Pacific Northwest National Laboratory (PNNL), PISCES has since evolved into a non-profit organization that partners with the private sector, colleges and universities, and local governments to provide no-cost cybersecurity event monitoring to small public sector organizations.
PISCES Role – PISCES adjudicates legal agreements and serves as the ultimate curator of the partnerships with educational institutions (including those housing the data collection stack), the private sector (providing the technology for collectors and analytic stack as well as necessary professional services and support), and local governments.
Private Sector Role – PISCES executed an agreement with Critical Insight (CI), a cybersecurity detection and response company with security operation centers in Bremerton and Ellensburg WA. CI provides a reduced-functionality version of the commercial monitoring and analytic stack to facilitate on-premise data collection, aggregate intrusion detection and network flows, and allow analyst access for investigation and event confirmation. CI also provides the necessary professional services to perform stack maintenance and upgrade and conduct the customer provisioning process.
Using metadata collected from customer networks, students act as cybersecurity analysts by evaluating events observed. When a security compromise is confirmed or suspected with a high degree of confidence, it is reported to the impacted jurisdiction for assistance to be provided to quickly remediate.
Data privacy and public disclosure limitations are described in the data sharing agreement. The data PISCES collects is limited to:
Partner Requirements – At a minimum, local government organizations seeking to execute a data sharing agreement must:
Academic Institutions – Educational partners must sign an agreement that stipulates:
The standard curriculum framework will be used, summarily:
Improvements to the curriculum will be integrated back into the standard distribution.
- Current – PISCES jurisdictions in Washington State include the cities of Anacortes, Arlington, Burien, Cle Elum, Covington, Ellensburg, Kittitas County, and Washougal. San Juan County
and Stevens County are recent deprovisioned jurisdictions. Additional state, local, tribal, and territorial partners will be added as the program expands outside the State of Washington.
Academic Institutions – Western Washington University, Central Washington University, and Spokane Falls Community College are currently teaching courses using PISCES and more Washington schools are interested in the program. Discussions are ongoing with institutions in South Carolina, Alabama, and Idaho as well.
CISA and PNNL are supporting the project through 2022, with the objective of creating a sustainability model that will address administration and technology costs.
If you represent a jurisdiction or academic institutions interested in participating in PISCES, you can contact PISCES NW on their website here.