INTERNET SECURITY ALLIANCE (ISA) TOP 25 HIGHLIGHTS FOR 2024

  • House Homeland Security Chairman Mark Green Agrees to Support ISA’s Top Legislative Priority — Workforce Development. Mr. Green was the ISA’s guest of honor at the ISA Board’s annual spring Salon Dinner, where he announced his intent to introduce legislation on cyber workforce development modeled on ISA’s National, Virtual Academy proposal.

 

  • Chairman Green Introduces PIVOTT Act. As promised to the ISA board, Chairman Green introduced legislation to provide government scholarships to up to 10,000 new students a year in return for government service in cybersecurity. The PIVOTT Act, based on the ISA virtual academy model, is by far the most aggressive legislation to address the national cyber workforce shortfall. It specifically provides assistance to state and local government as well as federal, and includes support programs at community colleges and certificate programs.

 

  • House Homeland Security Committee Passes PIVOTT Act Unanimously. Reflecting the bipartisan support ISA had generated for the virtual academy model via its Hill outreach, the Homeland Security Committee unanimously passed the PIVOTT Act.

 

  • House Chair of Key Appropriations Subcommittee Co-Sponsors the PIVOTT Act. Following a meeting with a delegation of the ISA board, Chairman Hal Rogers agreed to become a cosponsor of the PIVOTT Act. In addition to being the “Dean” of the full House, Mr. Rogers is one of the seven “Cardinals” of the House as Chair of the Subcommittee on Commerce, State, and Justice. His support is critical in assuring that, in addition to the Congress authorizing the PIVOTT Act, the Act receives the funding necessary to implement it.

 

  • House Oversight Committee Embraces ISA’s Number Two Legislative Priority – Regulatory Streamlining. The House Oversight Committee has jurisdiction over the Office of Management and Budget (OMB). OMB is the only entity able to police the numerous federal regulatory agencies that have created a duplicative, wasteful and anti-security system of cyber regulatory overlap. ISA’s proposal to use the Oversight Committee to empower OMB to use AI to streamline the cyber regulatory process was embraced by Oversight staff, and the Committee assigned one of its leading Members, Congressman Biggs, to work with ISA to craft legislation to implement it. That legislation is now being refined by House Legislative Counsel.

 

  • World Economic Forum Requests ISA Lead Spotlight Session on Regulation at the Forum’s Annual Cybersecurity Summit in Geneva. For the second consecutive year, ISA was asked to lead a spotlight on the program, entitled “Are Regulators the New Threat Actors?” ISA President Clinton made a presentation to a standing-room-only crowd detailing the need to reform the traditional cyber regulatory model, as it is duplicative, wasteful and counter-productive to achieving a sustainable cyber-secure ecosystem.

 

  • World Economic Forum Publishes Report on Cybersecurity Resilience Based on ISA Collaboration. Following a year-long work stream of international experts, including the ISA, the Forum released a report arguing that the approach to cybersecurity has traditionally been too narrow and that enterprises needed to focus on digital resilience, not merely security in the narrow technical sense. The Forum report is largely based on – and specifically cites – concepts ISA has developed and published with its global partners over the past decade, which include the Forum, the National Association of Corporate Directors, the European Conference of Director Associations, the OAS, and the Japanese Business Federation. The report specifically cites the work ISA has done with these entities and the fact that this work has been documented as enhancing cybersecurity by such groups as PwC, MIT, and the World Economic Forum itself.

 

  • White House Director for Cybersecurity Harry Coker requests private meeting with ISA President Clinton to discuss ISA legislative priorities: workforce development, regulatory streamlining, and developing a macro-economic model for cybersecurity.

  

  • The President’s National Security Telecommunications Advisory Committee releases report that endorses virtually all of ISA’s current legislative priorities. The report endorsed:
    • The creation of a national, virtual Cyber Academy to address the cyber workforce gap;
    • Validating the central reality that there are legitimate “gaps” between appropriate private sector spending on commercial security and the nation’s need for broader national security spending;
    • To fill this gap government needs to create market incentives;
    • Government needs to fund the development of a macro-economic model for cybersecurity; and
    • Government needs to use the Office of Management and Budget to streamline cybersecurity regulations.

 

  • ISA Engages Capitol Hill on Cybersecurity Implications of Supreme Court’s Loper-Bright Decision. The Loper decision reverses the long-standing “Chevron deference,” which is the basis of much existing cybersecurity regulation. In the wake of the November elections, during the November “lame-duck” session, the ISA reached out to Members of Congress destined to take leadership positions in the new Congress. ISA conducted meetings with over 60 congressional offices, raising awareness about the impact of Loper on cyber regulations and pointing to the NACD-ISA Cyber Risk Handbook as a voluntary, documented effective process that could be used to replace cyber regulations if courts vacated the current regulatory structure.

 

  • The National Association of Corporate Directors (NACD) and ISA collaborated to develop supplemental material for the NACD-ISA Director’s Handbook on Cyber-Risk Oversight. The supplement will augment the current handbook to provide additional focus on the emergence of AI and its impact on cyber risk oversight. Publication is currently scheduled for Q1 of 2025.

 

  • ISA President Larry Clinton appointed to AI Security Council Planning Committee developing the first AI Summit for the Black Hat Conference in Las Vegas, NV. At the Summit, President Clinton addressed the conference with a presentation on “Balancing Security and Innovation – Risks and Rewards in AI-Driven Cybersecurity.”

 

  • European Conference of Director Associations (ecoDa) and ISA Publish Second EU Edition of Cyber Risk Handbook for EU Boards. Based on ISA’s 2023 collaboration with the NACD and CISA, in addition to the 2024 collaboration with the German Office for Information Security (BSI), ISA and ecoDa published an EU version of the handbook with tool kits adapted to EU cyber regulations.

 

  • ISA Hosts President of German Agency on Information Security (BSI). For the fifth consecutive year, ISA hosted the head of cybersecurity in Germany, Claudia Plattner, at a private dinner. This continues the long-standing partnership between ISA and BSI. Earlier in 2024, ISA and BSI published the second German-language edition of the Cyber Risk Handbook.

 

  • ISA and DHS’s Cybersecurity and Infrastructure Security Agency (CISA) continue ongoing process to refine Secure by Design program, as suggested by CISA Director Easterly when she met with the ISA board at their fall Salon Dinner. CISA’s follow-up Request for Information shows substantial movement towards ISA’s published principles and best practices regarding the economics of Secure by Design and the need for incentives.

 

  • DHS and Congress reach out to ISA on systemic cyber risk policy. Stimulated by the CrowdStrike incident and following up on ISA’s previous work on Systemic Risk, both the Cybersecurity and Infrastructure Security Agency (CISA) at DHS and the House Homeland Security Committee are working with ISA to develop a government-industry risk management process to address systemic risk. The starting point for these discussions is Chapter three in ISA’s book Fixing American Cybersecurity and ISA’s work with the World Economic Forum on the issue. The direction is to use market penetration as a way to highlight major single points of failure, and liability incentives to encourage greater industry-government collaboration on mitigating the risk of single points of failure.

 

  • ISA taught its 7th annual cybersecurity course at the Wharton School as part of the ABA Stonier Executive Education graduate program in financial services. ISA often “team-teaches” this program with ISA board members. This year ISA was joined by CISO Hall of Fame member and former Chair of the ISA board of directors Tim McKnight.

 

  • ISA presented at the prestigious Cybersecurity at MIT Sloan (CAMS) invitation-only virtual program to an audience of researchers and industry cyber experts from around the world. ISA was asked to join the MIT CAMS community based on our presentation at last year’s World Economic Forum Annual Meeting on Cybersecurity. The topic for our presentation at MIT was ISA’s award-winning book Fixing American Cybersecurity: Creating a Strategic Public Private Partnership.

 

  • ISA’s Fixing American Cybersecurity: Creating a Strategic Public Private Partnership named an “Outstanding Academic Title for 2023” by the American Library Association’s Choice Magazine.

 

  • ISA signed on to an amicus brief pushing back against expanded CISO liability. This was filed on behalf of CISOs and Cybersecurity Organizations in SEC v. SolarWinds Corp. and Timothy G. Brown.

 

  • UnitedHealth Group joins ISA as a new sponsor. Tim McKnight, who formerly served on the ISA board for SAP and other organizations, joins ISA as a “new” board member.

 

  • McDonald’s Joins ISA as a New Sponsor. McDonald’s adds a major new dimension to the ISA Board conversations. Mike Gordon, who previously served on the ISA board representing Lockheed Martin, rejoins the ISA board of directors.

 

  • GE Vernova Joins the ISA Board. GE Vernova is the second of the three new entities created by the GE restructuring to join GE Aerospace on the ISA board. Mike Woods, who previously served on the ISA board representing the parent company of GE, will rejoin the ISA board representing GE Vernova.

 

  • Safe Security joins the ISA Board of Directors in 2025. Nick Sanna, who previously served on the ISA board as President of RiskLens and the FAIR Institute, will rejoin the ISA board representing Safe Security.

 

  • ISA Begins Recording Episodes of “Fixing Cybersecurity”. Fixing Cybersecurity will be the first regularly scheduled TV program devoted to cybersecurity which will be streamed globally over the SLING platform starting in 2025. ISA has already taped several segments of the show. Initial guests include Michael Daniel, Cyber Czar under President Obama; the USA’s first CISO, Greg Touhill; and NACD President Peter Gleason. ISA board members are encouraged to use this platform. Skytop Media is fronting all costs to produce this program.