(WASHINGTON, D.C.) – Internet Security Alliance (ISA) President Larry Clinton has been named to lead a joint cybersecurity policy effort between DHS and the IT Sector Coordinating Council. The announcement was made at DHS during the annual joint meeting of the Government Coordinating Council with the IT Sector Coordinating Council Friday, September 29, 2017.
A joint statement that circulated prior to the Friday meeting said, “While cybersecurity is now acknowledged as a critical priority by government and industry alike, the near universal recognition of the problem often spurs divergent initiatives from policy makers across the USG and the states…(that are) often uncoordinated raising the specter of not only siloed but often regulatory proposals calling for the premature development and implementation of cybersecurity measures or metrics that favor compliance based cybersecurity models that are disconnected from any clear cybersecurity benefit. Further, cybersecurity threats from sophisticated and well-resourced adversaries including nation states continue to grow raising concerns that essential US public and private sector actors may not be adequately prepared to launch a coordinated response to a potential cybersecurity incident of national significance”
In response, the new initiative is charged with pursuing three joint policy goals that have been agreed to by DHS and the IT SCC. These goals are regulatory streamlining, promoting the NIST cybersecurity framework, and ICT mobilization, especially with respect to being prepared for a cyber incident of national significance.
ISA’s Clinton welcomed the new initiative. “We have jointly realized that we are at an inflection point with respect to cybersecurity. We now need a more intensified and coordinated policy approach. For example, while we are all big fans of the NIST Framework now, three years past implementation, we have still not prioritized its elements nor determined how it can best used in a cost-effective manner. Moreover, we are now seeing a weed-like growth in cyber regulatory efforts that have not been shown to be effective but are diverting scarce security resources to redundant and conflicting regulatory regimes. If we are going to make progress in preparing ourselves for potentially ever larger cyber events, we need to get our arms around these efforts and develop a coordinated and empirically proven effective cybersecurity strategy. That is what we are hoping to do through this new initiative,” Clinton said.
About ISA: The Internet Security Alliance (ISA) is a trade association with members from virtually every critical industry sector. ISA’s mission is to integrate advanced technology with economics and public policy to create a sustainable system of cybersecurity. ISA pursues three goals: thought leadership, policy advocacy and promoting sound security practices. ISA’s “Cybersecurity Social Contract” has been embraced as the model for government policy by both Republicans and Democrats. ISA also developed the Cyber Risk Handbook for the National Association of Corporate Directors. For more information about ISA, please visit www.isalliance.org or 703-907-7090.