Vision
The vision of the pan-European Information Sharing and Analysis Center (PISAX) is to become a key platform for cooperation on cybersecurity matters between Internet Exchange Points (IXPs), General Packet Radio Service Roaming eXchange (GRXs) and professionals or organisations involved in Information security.
Mission
PISAX’s mission is to promote cybersecurity defence and response within IXPs and GRXs at the national, European and international level. The mission is conducted through a) private information sharing within a community of trusted representatives at member organizations, and b) active role on improving the security of IXPs and GRXs.
Objectives
- Improve internal capabilities of IXP/GRX to meet security and reporting requirements under national laws implementing the NIS Directive
- Facilitate the collaboration on threat intelligence and analysis of technical and non-technical information about malware and attacks focusing on PISAX members
- Enable the automatic sharing of indicators of compromise (IoC) by developing interfaces between PISAX’s members utilising MISP threat sharing platform to improve the security posture
- Join a European Level Sectoral ISAC to enhance the cross-sectoral sharing
Governance
PISAX is composed of volunteer members that share the workload of its community to improve the autonomy capabilities. Every member of the PISAX community can volunteer to lead the organisation of meetings (e.g. by hosting a meeting themselves), while ensuring that the host role is rotated to the other members of the community.
PISAX operating model
PISAX provides an automated and secure threat intelligence sharing system built on the open-source MISP threat sharing platform. Given that MISP threat sharing platform is a mature and popular tool already used by various organisations across the world, the security and privacy aspects of the PISAX platform is battle tested and continues to improve due to an active community around it.
Organisational Policies
The access to PISAX platform is free upon request. The objective is to stimulate sharing practices among European IXPs/GRXs. Once admitted, PISAX members are encouraged to respect the operational rules of the MISP threat sharing platform.