Comments on NIST Cybersecurity Framework 1.1 (Draft 2)

Posted on January 19, 2018 at 12:04 pm

January 19, 2018 Andrea Arbeleaz National Institute of Standards and Technology 100 Bureau Drive, Stop 8930 Gaithersburg, M.D. 20899 RE: Cybersecurity Framework Versions 1.1 Draft 2 Dear Ms. Arbeleaz, Thank you for the opportunity to provide commentary from the Internet Security Alliance on the second proposed version 1.1 update to the Framework for […]


Congressional memo on President Trump Cybersecurity Executive Order 13800

Posted on May 11, 2017 at 11:40 am

The Internet Security Alliance (ISA) supports President Trump’s new executive order on cybersecurity, and looks forward to assisting in its implementation. The Senate Committee on Commerce, Science, and Transportation, with its jurisdiction covering interstate commerce, has broad authority over key elements of the Order. ISA suggests the Committee consider some of the following recommendations as […]


Internet Security Alliance (ISA) and the FAIR Institute Joint Comments on the National Institute of Standards and Technology Cybersecurity Framework Proposed Version 1.1 Update

Posted on April 10, 2017 at 1:42 pm

The Internet Security Alliance (ISA) is a multi-sector trade association representing mainly the chief information security officers of Fortune 100 companies. ISA has a long-standing interest in seeing that the Framework achieves its objectives of better private-sector cybersecurity. ISA’s Cybersecurity Social Contract, published in 2009, first called for the collaborative industry-government development of standards and […]


Internet Security Alliance (ISA) Comments to the American Institute of CPAs (AICPA) on the Creation of a Risk Management Methodology

Posted on December 5, 2016 at 1:42 pm

The Internet Security Alliance congratulates the American Institute of CPAs for their effort to create a consistent assessment methodology for a company’s cybersecurity risk management processes. ISA represents some of the largest companies in the world. These companies are the intended buyers and audience for the AICPA’s proposed cybersecurity attestation engagement. Our members are invested […]


Internet Security Alliance (ISA) Joint Comments with American Gas Association (AGA), Utilities Telecom Council (UTC), Edison Electric Institute (EEI), Association of American Railroads (AAR), and CompTIA to the National Institute of Standards and Technology on “Framework for Improving Critical Infrastructure Cybersecurity”

Posted on February 19, 2016 at 1:42 pm

We want to thank NIST both for the opportunity to respond to the Request for Information and the ongoing excellent work that NIST provides in working with the private sector to improve the nation’s cyber security. The initial NIST Framework for cyber security has not only proven to be a useful tool in enhancing the […]


Internet Security Alliance (ISA) Comments to Department of Homeland Security on the Initiative to Identify Best Practices for Information Sharing and Analysis Organizations (ISAO)

Posted on April 18, 2015 at 1:29 pm

The March 4, 2015 Federal Register Notice announcing the March 18th ISAO/ISAC Summit indicated that there was an open comment period through April 19th. The Internet Security Alliance (ISA) appreciates the opportunity to offer our comments as our preliminary input and initial contributions to the ISAO discussion in addition to the statement for the public […]


Internet Security Alliance (ISA) Comments to the Commission on Enhancing National Cybersecurity

Posted on October 10, 2014 at 1:42 pm

Topics Addressed: This section of our comments addresses issues faced by eight critical infrastructure sectors. The authors of these comments are mostly chief information security officers for large companies within those sectors. Namely (and in order): Defense Industrial Base; Healthcare; Financial Services; Energy (specifically, local utilities); Information Technology; Telecommunications; Manufacturing; and, Food and Agriculture. Readers […]


Internet Security Alliance (ISA) Comments to the National Institute of Standards and Technology on “Developing a Framework to Improve Critical Infrastructure Cybersecurity”

Posted on April 8, 2013 at 1:42 pm

Current Risk Management Practices: NIST solicits information about how organizations assess risk; how cybersecurity factors into that risk assessment; the current usage of existing cybersecurity frameworks, standards, and guidelines; and other management practices related to cybersecurity. In addition, NIST is interested in understanding whether particular frameworks, standards, guidelines, and/or best practices are mandated by legal […]