Q&A: NIST’s new ‘Enterprise Risk Management’ guidelines push cyber risks to board level
Q&A: NIST’s new ‘Enterprise Risk Management’ guidelines push cyber risks to board level
ISA’s Larry Clinton criticizes Pentagon proposal for ‘intrusive’ access to contractor networks
You know what’s worse than trying to share cybersecurity information? Writing about it. Everyone has read over and over again about how important information sharing is for cybersecurity. The idea is certainly not new. It’s definitely not cool. It’s also hard. No one has completely nailed it even after talking about it for decades. Why […]
Internet Security Alliance Applauds NIST Notice on Cyber and Enterprise Risk Management
FOR IMMEDIATE RELEASEContact:Larry Clinton, President and CEOInternet Security Alliancelclinton@isalliance.org(202) 236-0001 — The Internet Security Alliance (ISA) filed comments on NISTIR 8286 Integrating Cybersecurity and Enterprise Risk Management today, applauding NIST for moving beyond the traditional techno-centric focus on cybersecurity and helping to build needed bridges between the roles of management and corporate boards in addressing […]
The Coronavirus Pandemic Has Created Novel Cybersecurity Challenges — But It May Also Give Us a Solution to the Cybersecurity Workforce Problem
By Josh Higgins, Senior Director of Policy and Communications The COVID-19 pandemic has created many new challenges for companies — such as managing a remote workforce, adopting new suppliers and cloud services, and a vastly expanded cyber-threat landscape — as the world works to maintain productivity through primarily virtual means. However, despite all these new […]
ISA’s Larry Clinton: Current crisis offers chance to examine, address systemic risks to cybersecurity
The COVID-19 crisis reveals the inadequacy of the prevailing “operational” approach to cybersecurity and provides an opportunity for government and businesses alike to take cost-effective steps toward a cyber strategy rooted in risk management, says Larry Clinton, president of the Internet Security Alliance. That should include developing systems to track and prosecute cyber crime, establishing […]
Key industry group urges federal officials to quickly share risk-management best practices with businesses
The massive shift to work-at-home amid the COVID-19 crisis is leading to insecure work-arounds that emphasize functionality over security, while managers in many businesses lack training suitable to the current risk environment, according to the Internet Security Alliance in comments filed with the Department of Homeland Security. “Due to the near-immediate switch to unplanned online […]
Pentagon and FCC, at different points on cyber regulation, underscore hybrid nature of U.S. government approach
The Defense Department is leading efforts to set mandatory cybersecurity baselines for industry, while the Federal Communications Commission has been on a deregulatory path, but both are playing influential roles in shaping the U.S. government’s relationship with the private sector and overall approach to cybersecurity that have been on display in recent days. In one […]
Handbook on cyber-risk management help Boards of Directors in Europe secure business resilience
Brussels, Belgium – Today, the Internet Security Alliance (ISA) and the European Confederation of Directors’ Associations (ecoDa) released a handbook on cyber-risk management for corporate boards of directors in Europe. “A cyberattack is not what a Board of Directors wants to face in the midst of the Corona crisis. Our handbook will help prevent such […]
Coronavirus Creates New Insider Cyber Threat and How to Treat It
Instantaneous, Unplanned, Digital Transformation Creates Massive Cyber Risk By Larry Clinton Insiders are generally identified as the locus of about half of successful cyber-attacks. The 2020 edition of the Cyber-Risk Oversight Handbook published by the National Association of Corporate Directors (NACD) and the Internet Security Alliance (ISA) last month (available free of charge here). identifies the […]
ISA Board of Directors Offers Cybersecurity Best Practices for COVID-19 Crisis
The outbreak of coronavirus globally has created a new reality vastly increasing how much business is done online: While this new virtual reality is essential to sustaining business during the pandemic, it is critical that corporate boards are also aware of the increased cybersecurity threat from this intensified, and often unplanned, utilization of technology. As […]
