Signing of MOU between CI-ISAC Australia and Health ISAC


Critical Infrastructure – Information Sharing and Analysis Centre (CI-ISAC) Australia is proud to announce the signing of a Memorandum of Understanding (MOU) on 20th March 2024, with the Global Health-ISAC.

ISACs provide a trusted, not for profit, ecosystem for the sharing of cyber threat intelligence (CTI) between members and the partnership between the Critical Infrastructure ISAC – Australia’s only sovereign ISAC – and Health-ISAC will increase the richness of cyber threat intelligence made available to both organisations’ members.

In operation since February 2023, and Headquartered on the Sunshine Coast, CI-ISAC Australia is rapidly building a cross-sectoral CTI sharing ecosystem through which members – from all 11 critical infrastructure sectors – can share CTI insights and lessons learned relating to cyber threats.

As a not-for-profit entity ‘owned’ by its members, CI-ISAC provides a value-for-money and commercially safe environment for companies to share insights for the purpose of building a stronger, collective response to cyber-attacks.

CI-ISAC co-exists with existing Government CTI sharing programs and helps expand the reach of CTI sharing into small and large entities and provides an industry-for-industry solution to CTI sharing.

CI-ISAC Australia CEO, David Sandell notes: “This partnership will deliver outcomes both locally and globally as we collaborate to uplift the collective defences of our members against cyber threats.”

Health-ISAC Inc. (Health-ISAC, Health Information Sharing and Analysis Center), is a global, non-profit, member-driven organisation offering healthcare stakeholders a trusted community and forum for coordinating, collaborating, and sharing vital physical and cyber threat intelligence and best practices with each other.

The CI-ISAC/Health-ISAC MOU includes arrangements for sharing information on cyber threats targeted at the health sector, which will be augmented by CI-ISAC’s visibility across the remaining CI-sectors in Australia.

Global CTI data from Health ISAC and its partner network will be made available to all CI-ISAC members in the form of actionable intelligence in the form of advisories and CI-ISAC’s automated threat feed.

“As we all know, cyber threats are not limited to international borders.”, says Health-ISAC President & CEO, Denise Anderson, “It is crucial for us to unite and stay vigilant against these risks. By bringing the global perspective of Health-ISAC and the Australian perspective from CI-ISAC together through this partnership, we can create a safer community.”

This partnership exemplifies CI-ISAC’s cross sectoral approach to ‘learning from one to benefit many’ and collectively uplift Australian CI’s cyber defences.

In addition to deepening CI-ISAC’s visibility into threats to medical devices and the Health Sector as a whole, the partnership will offer further enrichment to CI-ISAC’s CTI existing data flows.

Health-ISAC will benefit from increased situational awareness of the types of threats and cyber-attack techniques impacting Australian entities, in addition to relevant technical analysis from the CI-ISAC National Intelligence Office.

Data sharing will build progressively, based on member guidance, and will comply with CI-ISAC’s strict data handling and intelligence sharing guidelines.

The data sharing MOU represents another step in the growth and development of CI-ISAC Australia.

With a team of teams approach, CI-ISAC Australia is evolving to be an important part of Australia’s cyber defences.

A member led not-for-profit company, owners, and operators from across the 11 critical infrastructure sectors are encouraged to join.