The NRECA Research Threat Analysis Center (TAC) is the cooperative operational technology (OT) cybersecurity threat analysis and sharing platform, designed to improve the speed, coordination, and effectiveness of co-op threat response. The ultimate vision of the TAC is to provide a centralized platform for threat analysis, investigation, and communication.
How does TAC work?
TAC will serve the entire co-op community through vendor-agnostic connections to OT monitoring tools, with flexible integrations and standards-based communication protocols, enabling rapid threat aggregation, analysis, enrichment, and dissemination among co-ops and intelligence community. TAC is intended to foster a strong community among the co-ops, providing secure communication and data sharing channels to discuss threats, request assistance, and engage with subject matter experts (SMEs).
The TAC will work to integrate with
any co-op OT monitoring tool deployed into the field, maintaining a comprehensive approach that is
technology- and vendor-neutral. Participation will be through subscription, with fees based on co-op size and level of access to TAC.
TAC is designed to address the challenges of (1) communication and coordination barriers, (2) alert fatigue, and (3) lack of cyber expertise resources.
Streamlining Communication and Breaking Down Coordination Barriers
Coordinated communication about cybersecurity threats is a major challenge for all industries. TAC acts as a centralized, standardized platform for alert/event data from across the co-op space, provides a defined advisory feed to inform the intelligence community, and enables co-ops to securely engage with each other on threat discussions and incident response.Reducing Alert Fatigue
Alert fatigue is likewise a major challenge, resulting from the requirement to receive and analyze the abundance of daily threat notifications and published common vulnerabilities and exposures (CVEs) by multiple entities or feeds. TAC receives this information, sorts through to deduplicate and aggregate similar threats, and applies domain-specific information. The resulting threat feed is provided to co-ops along with information needed to take the appropriate action.Sharing Cybersecurity Expertise & Resources
Securing cybersecurity talent is an ongoing challenge for all industries. TAC plays a role in alleviating this challenge by ultimately being operated by co-ops themselves and being a community resource for co-ops lacking the cybersecurity skills needed for threat or incident response. TAC will also operate as a training and continuous education platform, to help upskill and certify cybersecurity professionals at co-ops.