September 8, 2020

  • ISA held its annual summer board of directors conference call. In addition to details of the Public Policy book ISA has created (discussed below) featured topics were legislative updates including ISA recommendations to the Congressionally mandated Solarium Commission including the Commission’s specific endorsement of the ISA “Social Contract” model as the basis for industry government relations going forward.
  • ISA completes and submits the final transcript of the new public policy book to be titled Incentivizing Cybersecurity: Creating a Sustainable Public-Private Partnership. The book  is based on policy positions consistent with our new three-year (2020-2021 & 2022) business plan.  Board members outlined policy positions which will be published congruent with the incoming Congress. The book suggests a major reason for lack of progress in cybersecurity is misanalysing the issue as simply operational technical matter. It outlines the extent of systemic risk and the threat from China. It describes weakness in our current cyber strategy and offers structural and policy reforms to address it. The book concludes with specific analysis of the financial services, health, energy, defense, retail and IT sectors.  Georgetown University Press GUP’s Senior Editor for Business attended the ISA spring and summer board meetings to provide guidance on book development.  ISA also announced plans for an extended social marketing program built around a regular series of blogs taken from the book’s content which will be rolled out as the book is being prepared for publication.
  • DHS publishes its recommendations of the Pandemic Recovery Working Group, which ISA co-chaired. Among the recommendations included in the report, which were not included in the government’s initial working draft but were suggested by ISA board members details for  securing systems that enable remote access/ Ensuring VPNs are fully patched/ Implement multifactor authentication/ Ensuring continuity of operations plans and Revising cyber incident response plans to account for workforce changes due to the teleworking environment.
  • ISA inaugurates a partnership with the World Economic Forum (WEF) and the National Association of Corporate Directors (NACD) with a two fold goal 1) Integrate the cybersecurity Principles for Corporate Directors developed by NACD and ISA with similar principles developed by WEF – expected publication Q4 of 2020.  2) Develop a methodology to empirical analysis of the combined principles with consensus outcome variables to enable the verifiable testing of use of the principles measuring their effectiveness in generating actual security benefits
  • ISA held a series of workshops in partnership with the Association of Governing Boards (AGB) to develop a Cyber Risk Handbook targeted to the vastly underserved college and university community to help guide improved cyber practices in colleges and universities.
  • L3-Harris joins the ISA as a new sponsor company
  • ISA serves a featured guest on Podcast for the IT Sector Information Sharing and Analysis Center
  • ISA serves as featured guest for E&Y Podcast targeting best practices for corporate boards
  • ISA is featured guest on podcast for Diligent targeting best cyber practices for corporate boards