Posted on May 27, 2020 at 2:52 pm
You know what’s worse than trying to share cybersecurity information? Writing about it. Everyone has read over and over again about how important information sharing is for cybersecurity. The idea is certainly not new. It’s definitely not cool. It’s also hard. No one has completely nailed it even after talking about it for decades. Why […]
Posted on May 18, 2020 at 11:30 am
FOR IMMEDIATE RELEASEContact:Larry Clinton, President and CEOInternet Security Alliancelclinton@isalliance.org(202) 236-0001 — The Internet Security Alliance (ISA) filed comments on NISTIR 8286 Integrating Cybersecurity and Enterprise Risk Management today, applauding NIST for moving beyond the traditional techno-centric focus on cybersecurity and helping to build needed bridges between the roles of management and corporate boards in addressing […]
Posted on May 7, 2020 at 11:26 am
By Josh Higgins, Senior Director of Policy and Communications The COVID-19 pandemic has created many new challenges for companies — such as managing a remote workforce, adopting new suppliers and cloud services, and a vastly expanded cyber-threat landscape — as the world works to maintain productivity through primarily virtual means. However, despite all these new […]
Posted on April 28, 2020 at 9:26 am
The COVID-19 crisis reveals the inadequacy of the prevailing “operational” approach to cybersecurity and provides an opportunity for government and businesses alike to take cost-effective steps toward a cyber strategy rooted in risk management, says Larry Clinton, president of the Internet Security Alliance. That should include developing systems to track and prosecute cyber crime, establishing […]
Posted on April 27, 2020 at 1:36 pm
The massive shift to work-at-home amid the COVID-19 crisis is leading to insecure work-arounds that emphasize functionality over security, while managers in many businesses lack training suitable to the current risk environment, according to the Internet Security Alliance in comments filed with the Department of Homeland Security. “Due to the near-immediate switch to unplanned online […]
Posted on April 23, 2020 at 3:11 pm
The Defense Department is leading efforts to set mandatory cybersecurity baselines for industry, while the Federal Communications Commission has been on a deregulatory path, but both are playing influential roles in shaping the U.S. government’s relationship with the private sector and overall approach to cybersecurity that have been on display in recent days. In one […]
Posted on April 16, 2020 at 9:00 am
Brussels, Belgium – Today, the Internet Security Alliance (ISA) and the European Confederation of Directors’ Associations (ecoDa) released a handbook on cyber-risk management for corporate boards of directors in Europe. “A cyberattack is not what a Board of Directors wants to face in the midst of the Corona crisis. Our handbook will help prevent such […]
Posted on April 6, 2020 at 11:41 am
Instantaneous, Unplanned, Digital Transformation Creates Massive Cyber Risk By Larry Clinton Insiders are generally identified as the locus of about half of successful cyber-attacks. The 2020 edition of the Cyber-Risk Oversight Handbook published by the National Association of Corporate Directors (NACD) and the Internet Security Alliance (ISA) last month (available free of charge here). identifies the […]
Posted on April 2, 2020 at 10:56 am
The outbreak of coronavirus globally has created a new reality vastly increasing how much business is done online: While this new virtual reality is essential to sustaining business during the pandemic, it is critical that corporate boards are also aware of the increased cybersecurity threat from this intensified, and often unplanned, utilization of technology. As […]
Posted on March 16, 2020 at 4:47 pm
By Larry Clinton I’m not saying cybersecurity and the coronavirus are exactly the same. The defining characteristic of the cyber threat is that we have conscious and deliberate actor’s carefully crafting attacks. The coronavirus has no conscience, no plan. At the same time, notwithstanding differences, these domains are both attacks on our cultures, and when […]