Internet Security Alliance Top 25 Highlights of 2020

January 5, 2021

ISA top 25 ISA highlights for 2020

  • ISA AND National Association of Corporate Directors (NACD) release third edition of the Cyber Risk handbook for corporate directors Cyber Risk 2020. The books are now officially joint ISA-NACD publications (previously known simply as NACD Handbooks)
  • US Department of Homeland Security and the US Department of Justice both endorse ISA/NACD Handbook. This publication in the only private sector document that has received this duel endorsement from the federal government.
  • DHS Director of the National Risk Management Center, Bob Kolasky, contributes forward for ISA-NACD book Cyber Risk 2020
  • ISA is one of three US institutions (in addition to Microsoft and IBM) invited to present to the G-20 Digital Economic Working Group in Riyadh Saudi Arabia as the working group developed its recommendations for the G-20 Summit in Riyadh later in 2020
  • ISA, in partnership with the European Conference of Directors Associations (ecoDa) release a version of the Cyber Risk Handbook for corporate boards adapted for the unique culture and requirements of the European Union
  • ISA and the Japanese Federation of Industries (the Japanese version of the Chamber of Commerce) release  a version of the Cyber Risk Handbook for corporate boards adapted for the unique culture requirements of Japan
  • ISA and NACD sign a Memo of Understanding with the World Economic Forum to jointly promote consensus best practices for boards of directors on cyber risk oversight and develop a methodology to empirically assess if the consensus principle generate improved cyber security outcomes.
  • ISA succeeds in lobbing DHS to include recommendations – developed by the ISA board — for pandemic recovery specific to cybersecurity into official USG recommendations for the general public (initially government official recommendations did not include any provisions for cybersecurity)
  • ISA President Larry Clinton and DHS CISA Director of the National Risk Management Center, Bob Kolasky cohost a panel at the RSA Conference in San Francisco

on the economics public private partnerships

  • ISA President Larry Clinton and NACD President Erin Essenmachar are asked to cohost a panel at the RSA Conference in San Francisco on cyber risk oversight best practices for corporate boards
  • Congressman Jim Langevin, chairman of the House Armed Services Subcommittee on Emerging Threats, introduces legislation calling for creation for a Cybersecurity Director office at the White House. Legislation is based on ISA recommendation.  Chairman Langevin cites ISA in press release on introduction   
  • Congressionally empowered Solarium Commission endorses the ISA Social Contract as the model for effective public private partnerships for cybersecurity. 
  • Congress enacts National Defense Authorization Act NDAA over Trump veto January 1, 2021. Several ISA policy recommendations are folded into (NDAA) including provisions such as the creation of a Cyber Security Director in the White House which were initiated in ISA’s 2016 Cyber Social Contract book.
  • Chris Krebs, DHS Cybersecurity and Infrastructure Security Agency (CISA) Director provides an exclusive briefing for the ISA board of directors at its annual spring meeting
  • ISA completes 2020 edition of its cyber social contract series entitled Rethinking Cyber Security: Incentivizing an Effective Public Private Partnership and submits it to Georgetown University Press for publication target date fall 2021. Book defines ISA public policy agenda for new Administration
  • ISA completes and submits first draft of book that adapts the Principles ISA and NACD developed for boards and articulates how management can fulfill the expectations of the board as defined in ISA-NACD and international versions of handbook, expected publication by Georgetown University Press Spring 2022.
  • NACD President Peter Gleason agrees to contribute forward to ISA book on enterprise risk management, implying NACD endorsement
  • Ninety percent of the ISA board companies participate in construct=ion of the two books ISA developed in 2020
  • ISA and NACD co-hosted their Zoom conference on cyber security exclusively for members of corporate boards. This is the forth ISA-NACD join sponsored conference.
  • ISA teaches Zoom course on Cyber Risk Management as part of  Wharton School Graduate Executive Education Program in Financial Services. This is the fourth consecutive year Wharton has asked ISA to offer this course (usually team taught by ISA board). Student evaluations are,  
  • Association of Governing Boards (AGB) and ISA agree on a Memo of Understanding to create the first Cyber Risk handbook for boards of governors and associated institutions at colleges and universities. As part of the MOU, AGB agrees to assist ISA in promoting ISA’s book on cyber risk management
  • ISA launches nation-wide social media campaign #rethink cybersecurity intended to create a nation-wide community of cybersecurity professionals, academics and policy makers committed to taking a more pro-active and visionary6 approach to cybersecurity
  • ISA creates senior intern program for summer and fall semesters attracting 10 Graduate and Law students to assist in ISA programming.
  • United Airlines joins the ISA board being the first transportation company on the board
  • AES joins the ISA board of directors becoming the first electric utility on the ISA board.