The Internet Security Alliance has international membership and global reach. Our members include Fortune 100 multinationals with operations that span the globe. They also include U.K.-based Vodafone. In keeping with our market-based and voluntary approach toward cybersecurity, ISA advocates for the multi-stakeholder approach to cybersecurity. Our beliefs are anchored in the experiences of our sponsors, virtually all of which do business abroad.
As cyberattacks have grown in number, sophistication, and seriousness, it’s apparent that cybersecurity is far more than an information technology issue. In 2014, ISA and the NACD jointly saw this issue and decided to publish a handbook, Cyber-Risk Oversight Handbook, aimed at guiding boards of directors into addressing cybersecurity as an enterprise-wide risk management problem. The handbook talks about cybersecurity in the language of business concerns. PricewaterhouseCoopers independently found is effect to be dramatic improvements to corporate cybersecurity.
We issued a significantly updated version in 2020. The new handbook version is the only private sector generated publication to be specifically endorsed by the U.S. departments of Homeland Security and Justice.
The 2018 Global Summit on Cybersecurity for corporate boards
In April 2018, ISA and the National Association of Corporate Directors (NACD) hosted a Global Summit on Cybersecurity for corporate boards in Geneva.
The goal of the event was to create a coherent approach to cybersecurity based on the five principals of the Cyber-Risk Oversight Handbook, but adapted to unique environments outside the United States.
In 2017 and 2018, the ISA held preparatory events in the United Kingdom and Germany to formulate local versions of the handbook. These handbooks were published in Spring, 2018.
ISA continues to seek opportunities to adapt the Cyber-Risk Oversight Handbook. In Autumn 2018, ISA, through a partnership with the Organization of American States, held workshops in Bogota, Colombia and Mexico City, Mexico to draft a handbook version that may be applied throughout Latin America. A Cyber-Risk Handbook for Latin American Boards of Directors was published in September 2019.
In May 2019, ISA in partnership with The European Confederation of Directors Associations (ecoDa), held a workshop in Brussels, Belgium, to draft a pan-European version of the handbook. This Pan-European version was published in 2019.
ISA in partnership with the Japanese Business Federation, published a handbook for use by Japanese Boards of Directors. ISA also plans to publish a version of the handbook for use for Boards of Directors in India. ISA is working with the Communication Multimedia and Infrastructure Association of India (CMAI) and the Telecom Equipment Manufacturers of Association of India (TEMA) to adapt the handbook. It is likely that both versions will be available during the first quarter of 2020.