July 2013 ISA Monthly Highlights

September 10, 2013

ISA Accomplishments and Activities for July 2013

  • ISA President Clinton is invited to White House to meet with President Obama’s top cyber security advisor, Michael Daniel. ISA receives assurance that President’s legislative package will not contain calls for any new regulatory authority over the private sector for cyber security.
  • ISA Board has its second private meeting with the team drafting the cyber security framework pursuant to President Obama’s Executive Order on cyber security. In addition to soliciting specific feedback on a range of issues relative to the construction of the framework the drafting team requests ISA help in 2 specific areas:
    • ISA is asked to find a group of senior exes who will be responsible for deciding if their enterprise will adopt the framework and assure the framework addresses the issues senior exes will need to make this decision (N.B. a group of ISA Board members have volunteered for this task).
    • Given the need to globalize the US based framework, and lack involvement from the international business community in its development, ISA is asked to use its international contacts and solicit feedback from the international business community (ISA has initiated plans for 2 conferences on this topic in September led by sponsors Vodafone and AVG).
  • ISA Chairs the Information Technology Sector Coordinating Council Quarterly (ITSCC) meeting. Accomplishments include:
    • ISA will chair regular monthly meetings with DHS Acting Deputy Secretary for Cyber Security to remain coordinated on ongoing cyber security issues and programs.
    • A new “Acquisition Group” interfacing with DoD and GSA will be established under the IT SCC which ISA Chairs.
    • Reports from DHS, Treasury and Commerce on the use of market incentives to promote cyber security have been delivered to the White House.
    • DHS will be recommending a very narrow list of “most critical infrastructure” to be covered under the President’s Executive Order following ISA recommended “risk based” as opposed to “consequence based” model.
  • ISA participates in NIST framework workshop in SD.
  • ISA presents at GMU conference on supply chain.