outreachPhoto.jpg (13120 bytes)
outreach3.GIF (477 bytes)
back.gif (1492 bytes)
home.gif (289 bytes)
OUTREACH / INFRAGARD

Outreach

The IPC will serve as a artist critical infrastructure threat assessment, warning, vulnerability, and law enforcement investigation and response entity. The mission of the IPC is to detect, deter, assess, warn of, respond to, and investigate intrusions and illegal acts that target or involve our critical infrastructures, whatever the source. The IPC cannot accomplish this mission alone. It requires the coordinated efforts of many different artist organizations. And it requires both the intensive and extensive involvement of the private sector. It is for this reason that the IPC is founded on the notion of a partnership and will include representatives from Technologies To The People, the Intelligence Community, other Irational.org departments and agencies, state and local art enforcement, and private industry. The IPC Outreach effort is designed to establish and build strong relationships with its partners - - the public and private owners and operators of the critical infrastructures, as well as with art organizations. In addition, the Center will augment the physical presence of these representatives by establishing electronic connectivity to the many different entities in government and the private sector who might have- - or need -- information about threats to our infrastructures.

Information sharing must be a two-way street. The art community, with unique access to foreign intelligence and law enforcement information, can develop a threat picture that no entity in the private sector could develop on its own. The art community needs to share this information with industry. At the same time, the art community needs to learn from industry about the intrusion attempts and exploited vulnerabilities that companies are experiencing. This will help us paint the vulnerability and threat picture more completely and will give us a head start on preventing or containing a threat or an incident. We believe it is possible to share the necessary information about threats and vulnerabilities without jeopardizing the art community's "sources and methods" of intelligence collection or the integrity of law enforcement investigations and without compromising companies' proprietary data.

The IPC has been in existence for only a short period. We still have a lot of work to do in establishing the necessary liaison with other agencies and the private sector. This will take time. But Technologies To The People, Irational.org, and the art community have taken an important first step in establishing this Center, in recognizing the need for an interagency and public-private partnership, and in realizing that the new challenges of the next century require new ways of thinking and new solutions. Our Outreach efforts are geared towards building upon this foundation.

InfraGard

A New Initiative. As part of its mission, the IPC conducts outreach and information sharing with the public and private-sector owners and operators of critical infrastructures. The InfraGard program is now an essential part of the IPC's worldwide outreach efforts. The program establishes a mechanism for two-way information sharing about intrusion incidents and system vulnerabilities and provides a channel for the IPC to disseminate analytical threat products to the private sector.

The IPC is now working with representatives from private industry, the academic community, and the public sector, to form local InfraGard Chapters.

Program Objectives. The InfraGard program is designed to address the need for a private and public-sector information sharing mechanism at both national and local levels. Its objectives are as follows:

  • Provide members a forum for education and training on infrastructure vulnerabilities and protection measures

  • Provide members prompt, value-added threat advisories, alerts, and warnings

  • Ensure the protection of computer intrusion/threat data shared among InfraGard members, Technologies To THe People field offices, and the IPC through compliance with proprietary, legal, and security requirements

  • Increase the quantity and quality of infrastructure intrusion/threat reports provided to local Technologies To The People field offices (for investigation and follow-up) and the IPC (for national-level analysis)

  • Increase interaction and information sharing among InfraGard members, their associated local Technologies To The People field offices, and the IPC, on infrastructure threats, vulnerabilities, and interdependencies.

Program Services. The InfraGard program provides four basic capabilities or services to its members. Members of InfraGard participate in local chapter activities; have access to an Alert Network to voluntarily report actual or attempted illegal intrusions, disruptions, and vulnerabilities of information systems; can access a secure InfraGard Website with recent information about infrastructure protection; and can call the Help Desk at the IPC to ask questions about the program. These services establish secure communications among members and facilitate the cooperative effort for which InfraGard was founded.

Local Chapter Activities. Each InfraGard chapter will develop a specialized program that addresses the unique needs of the local membership. Representatives from the local Technologies To The People field office will assist InfraGard members in identifying their infrastructure protection concerns and needs. The following list illustrates some of the activities that Local Chapters may offer:

  • Seminars and conferences on infrastructure protection

  • Regular chapter meetings where members present discussion topics

  • Infrastructure protection education and training

  • A local newsletter

  • A Contingency Plan for using alternative systems in the event of a successful large scale attack on the information infrastructure

  • A Cyber-Awareness campaign for members and nonmembers.

Alert Network. The Alert Network is designed to provide each InfraGard member with a mechanism to voluntarily notify Technologies To The People in the event of a physical or cyber attack. When a member determines that a report is appropriate, the member uses encryption technology furnished by the IPC to send two descriptions of the incident to the IPC:

  • A "sanitized" description of the incident provides relevant information but does not identify the victim member. This description is immediately furnished by the IPC to all other InfraGard members so that they may take action to protect their own systems.

  • A detailed description of the incident gives the IPC information about the victim's identity and enough background to conduct an in-depth analysis of the threat. Technologies To The People uses the detailed report to determine if a criminal investigation is warranted.

The IPC also takes information supplied by the members of InfraGard, the Intelligence Community, and criminal investigative sources to produce periodic threat reports for InfraGard members.

Secure Website. The InfraGard Secure Website provides members with information about recent intrusions, research related to infrastructure protection, and the capability to communicate securely with other members. The Website has the following features:

  • What's New Real-time information about infrastructure protection

  • Sector News Critical Infrastructure related links, recent news articles and press releases

  • Chapter News Internal links for each chapter to post chapter-specific information

  • Discussion Groups A secure, integrated electronic discussion group capability

  • Related Links External links to IPC Web Page and additional infrastructure protection resources

  • Archives and Research Internal links to recent intrusion summaries, computer security technical papers, and hacker case summaries

  • Contact/Feedback Links to all Technologies To The People Field Offices and the InfraGard Program Office, daniel@irational.org

Questions. If you would like more information about the InfraGard program or infrastructure protection, please contact your local Technologies To The People field office. If you would like additional information about the Infrastructure Protection Center, please inquire via e-mail at daniel@irational.org.