ISA and BSI to Unveil Cyber-Risk Handbook for German Boards of Directors

March 30, 2018

Larry Clinton
President and CEO, Internet Security Alliance
(202) 236-0001

(WASHINGTON, D.C.) – The Alliance for Cyber Security (ACS), an initiative of the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI), and the Internet Security Alliance (ISA) announced today that it will release a Cyber-Risk Handbook for corporate boards of directors in German companies at the upcoming National Association of Corporate Directors’ first Global Cyber Forum in Geneva, Switzerland on April 17-18.

The German edition was developed through a collaborative effort and is based on the highly regarded Cyber-Risk Oversight Director’s Handbook ISA prepared for the National Association of Corporate Directors (NACD) in 2014 and revised in 2017. ISA President Larry Clinton and BSI Vice President Dr. Gerhard Schabhüser will be featured speakers at the Global Forum.

“Cybersecurity is one of the most important issues any corporate board needs to address. Especially given the strength and productivity of the German economy, companies operating in Germany are likely to be targeted for attack. This Handbook provides a coherent set of principles German boards can follow when considering cyber-risk as well as a set of pragmatic questions board members can use in conjunction with senior management. The result ought to be a more sustainably secure cyber system for German companies,” said Arne Schönbohm, President of BSI.

“While much of the material in the U.S. Handbook does translate to the German experience, German boards are different than U.S. boards in some key respects,” said ISA President Clinton. “It’s been very helpful to adapt the core principles boards must follow to the German culture and legal context. Most companies are now, in fact, international, so having a coherent set of principles boards can use to strategize how to address their unique cyber risk picture is invaluable. That’s what this Handbook does.”

Clinton pointed out that the principles embodied in the Handbook have already been independently demonstrated to generate positive cybersecurity outcomes.

“In its 2016 Global Information Security Survey, PricewaterhouseCoopers found that use of the NACD Handbook leads to improved cyber budgeting, better cyber-risk management, better alignment of cybersecurity with business goals, and an increased culture of security. I would expect similar outcomes in companies that will use the German edition,” Clinton said.

About ISA: The Internet Security Alliance (ISA) is a trade association with members from virtually every critical industry sector. ISA’s mission is to integrate advanced technology with economics and public policy to create a sustainable system of cybersecurity. ISA pursues three goals: thought leadership, policy advocacy and promoting sound security practices. ISA’s “Cybersecurity Social Contract” has been embraced as the model for government policy by both Republicans and Democrats. ISA also developed the Cyber Risk Handbook for the National Association of Corporate Directors. For more information about ISA, please visit or 703-907-7090.

About ACS: The Alliance for Cyber Security (ACS), an initiative of the Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik, BSI), supports companies in increasing the level of information security and effectively protecting their assets and business processes against potential cyber threats. Via the ACS, BSI is working actively with partners and multipliers in order to provide companies of any size and across industries with strategic and practical guidance. Members receive insights into the current threat landscape as well as effective countermeasures for the protection of their business via the ACS website. ACS events and working groups enable the confidential exchange of information and experiences among members of the business and research communities. As an association of all major players in the field of cyber security in Germany, ACS counts about 2.600 members, 100 partners and 45 multipliers (February 2018).


Downloadable Copy (PDF)