ISA Works With Leaders

ISA is involved with many prominent leadership organizations and a key player in many of their iconic publications and projects.

NACD—National Association of Corporate Directors

Working together, the National Association of Corporate Directors and ISA have produced a unique and successful program that  addresses cybersecurity as a board level issue – not simply an IT operational issue. In 2014 NACD published the first edition of the “Cyber-Risk Handbook” in conjunction with the ISA and AIG. In 2017, we came out with a significantly updated version. In April 2018, ISA and NACD hosted a Global Summit on Cybersecurity for corporate boards in Geneva. The goal of this event was to create a coherent approach to cybersecurity based on the Handbook’s principles but adapted to unique environments outside the United States. Starting in 2017, and completed in 2018, the ISA held workshops in the United Kingdom and Germany to prepare local versions of the handbook. These handbooks were published in 2018.

NACD helps more than 17,000 directors lead with confidence. As the recognized authority on leading boardroom p[ractices, NACD aspires to a world where businesses are sustainable, profitable, and respected, and where stakeholders trust directors to develop strategies that create long-term value and provide effective oversight.

BSI—German Federal Office for Information Security

Arne Schönbohm, president for the German Federal Office for Information Security, and the Internet Security Alliance have a collaboration that dates back to 2014. Known as BSI for its initials in German, the office is in charge of computer and communication security for the German government. ISA and BSI, in collaboration with the NACD and the International Association of Privacy Professionals, plan to develop a Cyber-Risk Oversight Handbook designed specificially to assist German corporate boards to analyze cybersecurity issues from an enterprise-wide perspective.

Schönbohm and the ISA first collaborated when the former was head of the the Cyber Security Council of Germany (CSCG). At the time, the organizations agreed to develop mutual projects to improve cybersecurity and jointly advocate for pro-growth, pro innovation policies, leading to a sustainable worldwide system of cybersecurity.

The European Confederation of Directors Associations (ecoDa)

The European Confederation of Directors Associations (ecoDa) acts as a European Voice of Directors. ISA has partnered with ecoDa to produce a pan-European version of the National Association of Corporate Directors Cyber Security Handbook for Corporate Boards of Directors.

ecoDa is a think thank with forward-looking approach to the role of tomorrow’s boards. To accomplish this, ecoDa remains alert to new trends, developing best practices and excelling directors’ professionalism towards value adding boards. The headquarters is situated in Brussels, allowing the organization to be more proactive on European Commission’s agenda and policy-making, to cooperate with different stakeholders on key CG issues, to communicate our positions towards EU institutions and also to organise different conferences, webinars and events. ecoDa is a European platform of directors.

Organization of American States (OAS)

The Organization of American States (OAS) was established in order to achieve among its member states——”an order of peace and justice, to promote their solidarity, to strengthen their collaboration, and to defend their sovereignty, their territorial integrity, and their independence” for the 35 independent states of the Americas and constitutes the main political, juridical, and social governmental forum in the Hemisphere.

ISA partnered with OAS in 2018 to adapt the NACD’s Cyber Risk Handbook for Corporate Boards for use by Latin American Boards of Directors. The handbook is expected to be published soon.

Keidanren USA, The Japan Business Federation

Keidanren USA is the U.S. liaison entity for Keidanren, the Japan Business Federation. Keidanren is a comprehensive Japanese economic organization with a broad membership consisting Japanese companies, industry associations, and regional economic organizations. Keidanren USA’s office is located in Washington, DC. Its core mission is to facilitate more engagement by the Japanese business sector with the U.S. policymaking community, and to promote the very real contributions (in terms of investment and jobs) being made by Japanese companies to the U.S. economy.

ISA partnered with Keideren in 2019 to produce a cyber risk handbook for Japanese Boards of Directors

IAPP—International Association of Privacy Professionals

Cybersecurity and privacy are twin issues of the digital age. Particularly inside the European Union and in other places where privacy is intensely regulated, it’s important for cybersecurity professionals to understand how to accommodate those concerns. The Internet Security Alliance has teamed with the IAPP to adapt the Cyber-Risk Oversight Handbook for the unique policy environments found in the United Kingdom and Germany. ISA’s work with the IAPP (and others, see above) will culminate in April 2018 with a Global Summit on Cybersecurity for corporate boards in Geneva hosted by ISA and the NACD.

CyLab -Carnegie Mellon University

In 2001 ISA Carnegie Mellon CyLab, a world leader in both technological research and the education of professionals in information assurance, security technology, business and policy, as well as security awareness, was one of the founders of the Internet Security Alliance. They serve on our Board of Directors and  have continued to work with ISA in the ensuing years on many projects and publications.


CyberTrak is a highly innovative online cybersecurity tool featuring information on cybersecurity-related mandates in 23 key markets around the world. This online information tool is available on an annual subscription basis to help general counsels, chief information security officers, chief information security officers, risk officers and legal, technology, IT and procurement departments of multinational companies to make better risk management decisions by keeping up with cybersecurity-related laws, regulations and standards around the world. ISA partnered with DLA Piper, a global law firm with lawyers located in more than 30 countries throughout the Americas, Europe, the Middle East, Africa and Asia Pacific, in the development of CyberTrak.

NAM – National Association of Manufacturers

The National Association of Manufacturers is the largest manufacturing association in the United States, representing small and large manufacturers in every industrial sector and in all 50 states. NAM is the powerful voice of the manufacturing community and the leading advocate for a policy agenda that helps manufacturers compete in the global economy and create jobs across the United States.

ANSI – American National Standards Institute

The American National Standards Institute (ANSI) empowers its members and constituents to strengthen the U.S. marketplace position in the global economy while helping to assure the safety and health of consumers and the protection of the environment. The Institute oversees the creation, promulgation and use of thousands of norms and guidelines that directly impact businesses in nearly every sector. ISA and ANSI continually work on joint projects and publications.

US CHAMBER-United States Chamber of Commerce

The U.S. Chamber of Commerce is the world’s largest business organization representing the interests of more than 3 million businesses of all sizes, sectors, and regions. Our members range from mom-and-pop shops and local chambers to leading industry associations and large corporations.  ISA and the US Chamber continue to work together on publications for cyber security issues in businesses.


GEC Risk Advisory is a global strategic governance, risk, cyber, reputation and crisis advisor to boards, executives, investors and advisors, in multiple sectors including financial, pharmaceutical, utility, technology, research, non-profit and governmental. Specialties include strategic risk and opportunity, reputation risk and resilience building; cyber-risk governance; crisis management; global anti-corruption and supply chain; and Transforming Risk into Value workshops. Our focus is on delivering constructive, multi-cultural, strategic and business-savvy advice aimed at improving stakeholder trust and enterprise value.