ISA as a Leader in Cyber Practice

National Association of Corporate Directors Peter Gleason announcing release of the 4th edition of the NACD-ISA Cyber Risk Oversight Handbook

Practice

The ISA Mission is to integrate advanced technology with economics and public policy to create a sustainable system of cybersecurity.

“Guidelines from the NACD-ISA advise that Boards should view cyber-risks from an enterprise-wide standpoint… Respondents said this deepening Board involvement has helped improve cyber security practices in numerous ways including a 24% boost in security spending. Other notable outcomes cited by survey respondents include identification of key risks, fostering an organizational culture of security and better alignment of cybersecurity with overall risk management and business goals.”

— PWC Global Information Security Survey

“The NACD-ISA Cyber Risk Oversight Handbook demonstrates that organizations that use the consensus principles can significantly improve their cyber resilience without raising costs and organizations that follow the principles are predicted to have 85% fewer incidents.”

— World Economic Forum-MIT joint study, 11/22

CISA Director Jen Easterly awarded ISA her personal “Challenge Coin” for excellence in promoting national cyber defense.

It does this by implementing its three major goals – thought leadership, policy advocacy and developing effective best practices, particularly for corporate boards and senior management.

Over the past 15 years ISA has become the world’s leading provider of cyber best practices for corporate boards.

The ISA board of directors, working with partners including the National Association of Corporate Directors, the World Economic Forum and a range of international board-level entities and governments (including DHS, the FBI, BSI in Germany and the OAS), has developed the only set of best practices in cybersecurity that has been independently assessed (by PWC, MIT and the World Economic Forum) and proven to create tangible positive security outcomes.

The academic literature has recognized the NACD-ISA Principles as the “de facto international standard for cyber risk oversight”. ISA has also published a full-length book, Cybersecurity for Business: Ensuring Cyber Risk is NOT Just an IT Issue, which translates the proven board-level principles into specific roles and responsibilities for senior management to implement them.

In 2024 ISA and NACD created the first AI supplement to the Cyber Risk Handbooks, a second edition of the Handbook for European Corporate Boards with the European Conference of Director Associations, and a separate German Handbook in conjunction with the German Federation for Information Security (BSI).

In 2025 the ISA board and NACD will create the fifth edition of the US Handbook in conjunction with DHS and the FBI.

ISA Produced a Companion Book Detailing the Roles and Responsibilities of Senior Managers, Coordinated with the Cyber Risk Handbooks, which is Published in both English and German
ISA was named to the “Corporate 100 list of the most influential organizations in corporate governance” for the second time in 2017.
UK Edition: Managing Cyber Risk
Japanese Edition: Managing Cyber Risk
Portuguese Edition: Manual De Suporte Sobre Risco Cibernético Para O Conselho Administrativo
Spanish Edition: Manual De Supervisión De Riesgos Cibernéticos Para Juntas Corporativas
Cyber Risk Oversight for Higher Education Boards Handbook
German Edition: Managing Cyber Risk First Edition