Press Release

For Immediate Release
July 25, 2002

Washington D.C.
FBI National Press Office
(202) 324-3691

In an effort to support and enhance the security and readiness of the states to deal with potential terrorist threats Rock Regan, CIO for Connecticut and President of the National Association of State Chief Information Officers (NASCIO), today signed an agreement with the National Infrastructure Protection Center (NIPC) Director, Ronald L. Dick. This partnership between the NASCIO and the NIPC will allow vital security-related information to move more effectively between the multi-agency NIPC, based at FBI headquarters in Washington, DC, and the states through their chief information officers (CIOs).

Information dissemination will be coordinated by NASCIO via an Interstate Information Sharing and Analysis Center (Interstate ISAC) function at its headquarters in Lexington, Kentucky. This ISAC will support critical state infrastructure security through the offices of participating state CIOs. Support of the continuity of critical state government infrastructures is a key component of the Presidential Decision Directive-63 signed in May 1998. NASCIO will ensure that the state's receive the most current counter-terrorist threat alerts, warnings and analysis. This will include classified threat intelligence provided by the NIPC to NASCIO (once proper clearances are in place), which will then assist the NIPC in preparing warnings of threats to state physical and cyber infrastructures.

In turn, the state's CIOs and CISOs will be encouraged to work through the NIPC to voluntarily pass incident information to national-level agencies responsible for looking for patterns that may indicate an organized attack is in preparation or underway.

"While everyone is doing their utmost to prevent terrorist attacks, today's threat environment reflects that potential targets are not limited to federal government sites. That is why information sharing between the national and the state levels is vital in the war against terrorism," said Ron Dick, Director of the NIPC. Mr. Dick added, "We must be able to give the states the most comprehensive and timely threat assessments and warnings we possibly can, so they can take actions to protect their critical infrastructures, and minimize the potential loss of life and property. Advance knowledge of the target area and the type of attack (bomb, chemical, radiological, biological and/or cyber) can make a vital difference in their readiness to prevent, and mitigate the consequences of an attack. The intelligence, law enforcement and other agencies that make up the NIPC are committed to giving the states that vital edge."

Reading a prepared statement from Regan, Matthew R. DeZee, CIO for South Carolina and leader of NASCIO's security program, added that "the Memorandum of Understanding we signed today recognizes the necessity for a robust and timely exchange of essential information about cyber and physical threats to the state's critical infrastructures. State CIOs, as the custodians of their states' critical information assets and coordinators of statewide information sharing, have been working closely with homeland security teams, and this agreement will provide a very valuable resource to a wide range of state critical infrastructure protection efforts. Over time NASCIO will work with the states and federal partners, such as NIPC, to develop this Interstate ISAC function into a national model for two-way trusted exchange of information in order to analyze and disseminate actionable intelligence on threats, attacks, vulnerabilities, anomalies, and security best practices involving the continuity of state governments."

"Supporting the Interstate ISAC is one more step in our efforts to integrate State and local resources into an efficient and effective national effort to fortify our homeland defenses," Dick added. "The Interstate ISAC and their representative state's communications networks, leverages the existing dissemination networks within the states, and avoids wasting limited resources duplicating these systems to pass threat information. These state representatives in turn are in an excellent position to give us expert interpretation on raw sensitive threat intelligence, and help us turn it into useful information that the states can directly act on."

NASCIO will be signing participation agreements with states interested in receiving the alerts. As part of the agreement, states will agree to handle and disseminate the NIPC alerts appropriately within their enterprises. NASCIO will support its Interstate ISAC function utilizing staff and volunteer support.

About NASCIO
NASCIO (http://www.nascio.org) is the National Association of State Chief Information Officers and represents the state chief information officers from the 50 states, six U.S. territories and the District of Columbia. Other IT officials participate as associate members and private sector representatives may become corporate members. The mission of the association is to shape national IT policy through collaborative partnerships, information sharing and knowledge transfer across jurisdictional and functional boundaries.

#####