The Financial Services Information Sharing and Analysis Center (FS-ISAC) today announced the creation of the Global Resilience Federation (GRF). GRF is a new, standalone not-for-profit that acts as an information sharing hub and intelligence provider.
GRF will develop and distribute cyber and physical threat information among not-for-profit ISACs,
ISAOs, CERTs and other information sharing communities across vital sectors around the world.
This “community of communities” includes charter members: FS-ISAC, Legal Services
Information Sharing and Analysis Organization (LS-ISAO) and Energy Analytic Security
Exchange (EASE).
GRF’s mission is to help assure the resilience and continuity of vital infrastructure and individual
organizations against threats and acts that could significantly impact individual organizations and
various sectors’ ability to provide services critical to the orderly functioning of the global economy.
The need for cross-sector intelligence sharing is increasing as malicious actors become more
sophisticated and often target multiple industries simultaneously. The Global Resilience
Federation will create new efficiencies and intelligence that can be used both within and across
sectors. GRF is an evolution of the work started by the Sector Services division of FS-ISAC, which
helped establish information sharing communities including EASE and LS-ISAO. The GRF team
leverages 18 years of information sharing expertise while expanding on the Sector Services
mission to support the creation, operation, and growth of information sharing communities of
interest and to provide a foundation for sophisticated cross-sector sharing and collaboration.
“The time is right to launch the GRF community of communities,” said Bill Nelson, president and
CEO, FS-ISAC and chairman of the board, GRF. “With the cross-pollination and wide-range of
intelligence sources we deal with every day, across many industries, it makes sense that FSISAC
no longer coordinate intelligence for all our partner organizations, but instead pass the torch
to GRF and then join the community as one member among many.”
FS-ISAC and its partner communities LS-ISAO and EASE will join as charter members of GRF,
which will become the hub of continuous cross-sector intelligence coordination among the
communities. Current FS-ISAC support for other industries, including ISAO and ISAC creation
services, will also transition seamlessly from Sector Services to GRF. Through a formal
partnership, GRF will leverage FS-ISAC infrastructure and will incorporate the FS-ISAC Sector
Services team as its initial staff. Cindy Donaldson, formerly chief operating officer of Sector
Services, FS-ISAC, will lead the company in her newly appointed role as president of GRF.
“GRF is an opportunity for true cross-sector sharing among communities around the world. GRF
will help build new sharing communities for industries that need them, and connect new and
mature communities into a trusted network for mutual defense. In addition, GRF will provide
industry-specific intelligence for member sectors. We’re creating a ‘neighborhood watch of
neighborhood watches,’ because we need to work together to strengthen the overall resilience of
vital sectors,” said Donaldson.
“The cross-sector reporting we have seen through membership in LS-ISAO will become even
more important for the security of our organization as threat actors increasingly target many
industries at once,” said Matt Kesner, member of the Executive Committee, LS-ISAO, and chief
information officer, Fenwick & West LLP. “We look forward to being part of GRF as it takes a
premier role in the coordination of intelligence among sharing communities.”
GRF will have two types of membership: members and supported partner communities. Members
will have a seat on the board of directors, access to bi-monthly reports that analyze and
investigate the latest threats and trends, and inclusion on an emergency crisis notification
committee. Partner communities will have those benefits as well as services that can include a
dedicated analyst, alerts and reporting on indicators of compromise, systems vulnerabilities,
physical security and geopolitical alerts, and other community benefits related to administration,
operations, recruitment and legal counsel. Offerings will be rolled out in a phased approach as
new communities join.
“With the creation of EASE, we complemented our sources of intelligence and expanded our
security footprint. We have already seen cross-sector sharing through that membership and are
excited to see the growth of multi-industry cooperation through the Global Resilience Federation,”
said Steve Brown, member of the Executive Committee, EASE and vice president and chief
security officer, Xcel Energy.