The Public Regional Information Security Event Management (PRISEM) System

The Short Story

PRISEM is a shared regional cyber security monitoring system, which aggregates and processes cyber event data, provides correlated alerts on threat conditions, and extends situational awareness for public-sector organizations across the Puget Sound area. Currently, PRISEM serves 7 cities and counties, six maritime ports, a hospital and two energy utilities with expansion underway. Integrated with analysts at the Washington State Fusion Center, it is the only such system in the United States.

The Longer Story

Local and tribal government, 9-11 centers, maritime ports, public utility and other special purpose districts provide life-safety, life-sustaining and quality of life services, which are enabled by, and in some cases completely dependent on information technology. Radio communications, traffic management, water and energy utilities, and emergency management are a examples of this critical infrastructure. The technology underpinnings of these services are increasingly under attack by actors focused on disruption and damage, including by nation-states hostile to United States interests.

The PRISEM system was developed through grant funding to provide cybersecurity monitoring as a shared service for these organizations, to ensure that information on threats and reconnaissance activity is shared in real-time and across organizational boundaries. Analysts "mine" the system for indicators of compromise, notify organizations that exhibit these indicators, and refer criminal operations to appropriate law enforcement.

Efforts are now underway to move the PRISEM project from a grant-funded proof-of-concept to a sustainable, fee-based service that may be applied to a broader collection of agencies, and across the entire state. Supported through the Office of the CIO, state assets have engaged to assist with the legal aspects of creating inter-governmental agreements that will support operations through fees, yet retain the ability to obtain grant funding for capital improvements and research. This will allow the system to be applied to other critical organizations such as water treatment facilities and 911 centers.

The system is also being aligned with cybersecurity education in the state. By providing access to real-time event data, students - especially our returning Veterans - gain real-world experience through lab exercises, internships and apprenticeships by spending time in an operational setting as a cyber-analyst. In this way, students receive the benefit of experience along with the academic program, and are better prepared to obtain high-paying, highly-available jobs in the field.

Contact: Michael Hamilton

Links (to media stories)