ISA April 2020 Highlights

June 3, 2020

ISA April 2020 Highlights

  • DHS Cybersecurity Infrastructure Security Agency (CISA) Head addresses ISA Spring Board virtual meeting, Chris Krebs, DHS’s leading authority on cybersecurity meets for one hour with the ISA board to report on CISA’s projects and inquire from the ISA board how CISA can improve services. Mr. Krebs graciously compliments ISA for its work enhancing the knowledge of corporate boards on cybersecurity and helping to lead the cross sector Pandemic Recovery Effort.
  • ISA President appointed Co-Chair of the DHS Cross Sector Pandemic Recovery Working Group. ISA submits detailed comments urging greater focus on cybersecurity in government’s draft recovery plan. ISA provides analysis of cyber risk and recommended actions for the first 30/60/90 days following the Corvid virus lockdowns.
  • World Economic Forum (WEF) and ISA agree on consensus list of Principles for Boards of Directors addressing cyber risk. WEF Director for Cybersecurity and Corporate Governance Daniel Dobrygowski meets with ISA board to begin process of developing measurement systems assessing use and effectiveness of consensus principles.
  • ISA Board holds Spring meeting. ISA Sponsor satisfaction survey indicate strong support for ISA. Board considers adding new projects in its 200-2022 3-year plan including publishing new edition of the Cybersecurity Social Contract and a business/college text based on ISA director’s handbooks through Georgetown University Press.
    European Conference of Directors Associations and ISA publish pan-European edition of the Cyber Risk Handbook for Corporate Boards. ISA handbooks are now available on 4 continents and in 5 languages.
  • ISA conducts two workshops with the Association of Governing Boards (AGB) in effort to develop an adapted Cyber Risk Handbook based on the NACD-ISA model for college and university boards of trustees.
  • ISA teaches a course at NYU Grad school, and addresses for Shared Assessments National Conference on Board Management of Cybersecurity and Third-Party Risk