June 2013 ISA Monthly Highlights

July 16, 2013

ISA Accomplishments and Activities for June 2013

  • As directed by President Obama’s Executive Order on cyber security, the National Institute of Standards (NIST) published its draft outline of a framework of cyber security standards and practices for the private sector.  The very first source cited in the draft report was the Internet Security Alliance’s “Financial Management of Cyber Risk” and the foundational chapter of the NIST framework is set to follow this model.
  • The Integrated Task Force workgroup on “Planning and Goals” established to implement the President’s Executive Order published its draft report on how the public-private partnership for security ought to develop. Half of the report’s recommendations can be tied directly to the joint government/industry study on how to improve the effectiveness of the partnership, which ISA co-chaired and presented at the fall 2012 “Quad Meeting” of telecommunications and IT sectors and later adopted by all 18 critical sectors through the Partnership for Critical Infrastructure Security (PCIS), where ISA also holds a Board seat.
  • Five different government departments (DHS, Commerce, Treasury, and DoD/GSA) submitted reports to the President on how to use incentives to stimulate enhanced cyber security practices for critical infrastructure. While the reports are not public yet, ISA has been told they are consistent with the ISA social contract for cyber security and the President’s Executive Order.
  • ISA is featured on Fox Business News commenting on the NSA controversy.
  • ISA participates in Council on Foreign Relations workshop on cyber security.