FOR IMMEDIATE RELEASE
President and CEO, Internet Security Alliance
(WASHINGTON, D.C.) – The Internet Security Alliance said Thursday that Homeland Security Secretary Kirstjen Nielsen’s recommendations for a “Collective Defense” model for cyber security highlighted an evolving strategy that moved forward today a more effective cyber security posture for the public and private sector.
“When the Administration initially coined the term ‘collective defense’ last winter some of us in the private sector had concerns that some of the rhetoric suggested moving away from the partnership model and that private investments ought not to adhere to legal requirements private entries are obligated to comply with. However, as conversations with DHS and the private sector have progressed we have moved toward a much more progressive understanding as illustrated in the Secretary’s speech today and the cyber security strategy DHS released earlier this month,” said ISA President Larry Clinton.
Clinton noted that the DHS cyber strategy included items such as the need for incentives to promote security innovations that move beyond what is commercially provided and do so in a cost effective fashion. Government and industry need to appreciate that we are all part of the same cyber system and that we need to approach collective defense through this systematic process recognizing the unique perspectives the public and private sector have under the National Infrastructure Protection Plan. Clinton said he was pleased to hear Neilson adhering to these progressive themes.
“This is a very difficult threat because it’s ubiquitous,” Nielsen said at the Capitol Hill Homeland Security Forum Thursday. “We can no longer look at this as protection of particular assets or systems. We have to look systemically, and that’s what our new strategy does. It really requires collective defense, which means we have to raise awareness across all entities, we have to prioritize, and we have to empower everyone that has an internet connection to understand where the threat is.”
“By working collaboratively with DHS and other private sector stakeholders, we have been able to make the collective security model a workable approach to move the needle on cybersecurity, addressing key challenges such as small business cybersecurity, measuring cost-effectiveness of cybersecurity risk management approaches, the cybersecurity workforce, and others,” said Clinton .
Nielsen stressed at the Forum that the collective security approach would maintain robust partnerships with private companies, international governments, and other relevant stakeholders.”This takes a whole-of-everybody approach,” Nielsen said. “It’s a much more proactive defense posture that includes everybody.”
About ISA: The Internet Security Alliance (ISA) is a trade association with members from virtually every critical industry sector. ISA’s mission is to integrate advanced technology with economics and public policy to create a sustainable system of cybersecurity. ISA pursues three goals: thought leadership, policy advocacy and promoting sound security practices. ISA’s “Cybersecurity Social Contract” has been embraced as the model for government policy by both Republicans and Democrats. ISA also developed the Cyber Risk Handbook for the National Association of Corporate Directors. For more information about ISA, please visit www.isalliance.org or 703-907-7090.