The Africa-wide Information-Sharing and Analysis Centre (ISAC) is the core component of the ACRC and first of its kind on the continent.
Large scale Information Sharing about threats, vulnerabilities and best practices is the prerequisite to the efficient management of cybersecurity. The continent’s Financial Institutions have to cooperate to match the fast pace of hackers, who are most often international criminal organizations looking for immediate profits. The Financial Sector is naturally one of their main targets.
Exchanging sensitive and timely information, to adopt proactively security measures needs, to build a trusted network between peers. This requires a community open to national, regional and international stakeholders to drive peer-to-peer exchanges in a supporting environment:
- A specific independent organization, the ISAC, which is a centre of expertise in threat and incident management,
- Processes and policies to ensure confidentiality and full control of what is disclosed and to whom,
- Technical conferences and workgroups, with closed or open groups depending on the matter, to get people to know each other and work together,
- An automated Open Source Threat Intelligence Platform MISP to share Indicators of Compromise (IoC),
- Exchanges with other sectorial and non-sectorial intelligence communities at the international, continental, sub-regional or local levels, including with national CERTs and Central Banks, in respect of confidentiality,
- Regular reporting, bulletin and in-depth analysis to raise awareness among stakeholders,
- Large scale incident and crisis management coordination.