ISA APPLAUDS TRUMP ADMINISTRATION’S NEW CYBERSECURITY EXECUTIVE ORDER
(WASHINGTON, D.C.) – The Internet Security Alliance (ISA) supports President Trump’s new executive order on cybersecurity. The President’s order places responsibility for cybersecurity on agency heads, who are now directed to use a risk management model for cybersecurity programs. ISA supports this critical paradigm shift and is a long-standing proponent of using risk assessments to […]
Congressional memo on President Trump Cybersecurity Executive Order 13800
The Internet Security Alliance (ISA) supports President Trump’s new executive order on cybersecurity, and looks forward to assisting in its implementation. The Senate Committee on Commerce, Science, and Transportation, with its jurisdiction covering interstate commerce, has broad authority over key elements of the Order. ISA suggests the Committee consider some of the following recommendations as […]
Assessing the Latest Draft Cybersecurity Executive Order
The latest draft version of the Trump administration’s cybersecurity executive order is similar to the previous version and lays out a plan to secure U.S. federal government and critical infrastructure IT that could have come out of the Barack Obama White House, including modernizing federal IT. “That fact that they are focusing on IT modernization […]
NIST work on framework update quietly proceeds amid hubbub over Trump cyber agenda
The National Institute of Standards and Technology is diligently reviewing the nearly 130 comments from industry and other groups on a draft update to the framework of cybersecurity standards, as it prepares an analysis of that input in advance of a highly anticipated public meeting this month. That meeting will likely set the course and […]
Industry raises concerns with NIST approach to supply-chain risks in cyber framework update
Industry groups across sectors are raising concerns with various aspects of the National Institute of Standards and Technology’s approach to managing supply-chain risks in a proposed update to the voluntary framework of cybersecurity standards. Specifically, groups say the NIST plan fails to take into account the interconnectedness of vendor services and downplays the potential effect […]
Congress returns, but the real cybersecurity action is taking place off the Hill
Lawmakers return to Capitol Hill this week with a few cybersecurity items on the agenda for the upcoming legislative work period, while the most significant efforts in the coming months may be taking place at the White House and at the National Institute of Standards and Technology’s campus in suburban Maryland. “On the congressional front, […]
Business lobby pushes back on NIST Framework measurement plans
Business lobbying groups are pushing back on plans by federal scientists to add third-party measurement of cybersecurity to a voluntary framework designed to help private companies improve its defenses against hackers, cybercriminals and online spies. A draft proposed revision of the National Institute of Standards and Technology’s Cybersecurity Framework, to be known as version 1.1, […]
Internet Security Alliance: Framework metrics would help businesses prioritize efforts
The Internet Security Alliance is calling for metrics that allow businesses to prioritize their cybersecurity efforts based on the National Institute of Standards and Technology cybersecurity framework, while stressing the need for NIST and other agencies to continue promoting the voluntary, public-private partnership approach to cybersecurity. The comments come in response to a request for […]
Internet Security Alliance (ISA) and the FAIR Institute Joint Comments on the National Institute of Standards and Technology Cybersecurity Framework Proposed Version 1.1 Update
The Internet Security Alliance (ISA) is a multi-sector trade association representing mainly the chief information security officers of Fortune 100 companies. ISA has a long-standing interest in seeing that the Framework achieves its objectives of better private-sector cybersecurity. ISA’s Cybersecurity Social Contract, published in 2009, first called for the collaborative industry-government development of standards and […]
Internet Security Alliance (ISA), Fair Institute File Joint Comments on National Institute of Standards and Technologies (NIST) Framework
WASHINGTON, D.C.) – The Internet Security Alliance and the FAIR Institute called on the National Institute of Standards and Practices (NIST) to convene a process similar to that which resulted in the creation of the NIST Cybersecurity Framework (CSF), but this time focusing on implementation of the CSF. According to the joint filing, a useful […]
