ISA releases international cyber-risk handbooks for German, UK boards of directors

April 18, 2018

Larry Clinton
President and CEO, Internet Security Alliance
(202) 236-0001


(WASHINGTON, D.C.) – The Internet Security Alliance (ISA) is pleased to announce two new editions of its cyber-risk handbook for corporate boards released today at the National Association of Corporate Directors’ (NACD) Global Cyber Forum in Geneva, Switzerland.

The new handbooks – developed in partnership with American International Group, Inc. (AIG) and the Alliance for Cyber Security (ACS), an affiliate of the German Federal Office of Information Security (BSI) – are tailored to boards in Germany and the United Kingdom and are based on the successful 2017 and 2014 editions of the NACD Cyber-Risk Oversight Handbooks developed by ISA.

“The original NACD handbook is one of the few, perhaps the only, program independently assessed as generating positive cybersecurity outcomes,” said ISA President Larry Clinton. “In their Global Information Security Survey, PricewaterhouseCoopers concludes that the NACD handbook resulted in higher cybersecurity budgets, better risk management, and closer alignment of cyber with overall business goals, while helping organizations establish a culture of security. Given this success, it was important for us to maintain the core principles of the handbook while adapting to the unique circumstances in Germany, the European Union, and the UK rather than reinventing the wheel.”

Peter Gleason, President and CEO of NACD, agreed that the handbooks will help German and UK companies better address their own cyber risk.

“NACD congratulates the ISA, AIG, and the German Federal Office for Information Security on taking forward the principles outlined in the Handbook and putting them into a practical context for board members of German companies,” Gleason said.

Like the original handbook was endorsed by the Department of Homeland Security and the Department of Homeland Security, the German edition has received an endorsement from Germany’s BSI.

“Cybersecurity is one of the most important issues any corporate board needs to address,” said BSI President Arne Schönbohm. “This Handbook provides a coherent set of principles German boards can follow when considering cyber-risk as well as a set of pragmatic questions board members can use in conjunction with senior management.”

The new handbooks are available free of charge here.

About ISA: The Internet Security Alliance (ISA) is a trade association with members from virtually every critical industry sector. ISA’s mission is to integrate advanced technology with economics and public policy to create a sustainable system of cybersecurity. ISA pursues three goals: thought leadership, policy advocacy and promoting sound security practices. ISA’s “Cybersecurity Social Contract” has been embraced as the model for government policy by both Republicans and Democrats. ISA also developed the Cyber Risk Handbook for the National Association of Corporate Directors. For more information about ISA, please visit or 703-907-7090.


Downloadable copy (PDF)