116th Congress (2018-2020) Advocacy
The Internet Security Alliance actively seeks to educate Members of Congress and staff about the economics-based model for strengthening cybersecurity outlined in the Cybersecurity Social Contract. These policy recommendations include harmonizing cybersecurity regulations to refocus resources dedicated to compliance on security, testing the cost-effectiveness of the NIST Cybersecurity Framework, establishing incentives to improve private sector cybersecurity, and strengthening cybersecurity law enforcement. In 2019, ISA met with numerous committees overseeing cybersecurity to introduce and advance the public policy initiatives of the ISA, including those articulated in the Internet Security Alliance’s Cybersecurity Social Contract.
October 2019 ISA Board and Congressional Advocacy
During October 2019, the ISA Board of Directors met with Representative Doug Kilmer (D-WA), who serves on the House Appropriations Committee, Interior and Environment Subcommittee, Defense Subcommittee, and Energy and Water Development Subcommittee; Representative Doug Collins (R-GA), Ranking Member of the U.S. House Committee on the Judiciary; Representative Elissa Slotkin (D-MI), who serves on the Committee on Armed Services. Subcommittee on Intelligence, Emerging Threats and Capabilities; Subcommittee on Readiness; Committee on Homeland Security. Subcommittee on Counterterrorism and Intelligence and Subcommittee on Cybersecurity and Infrastructure Protection; Representative Haley Stevens (D-MI) who serves on Committee on Education and Labor; Subcommittee on Health, Employment, Labor, and Pensions; Subcommittee on Workforce Protections; Committee on Science, Space, and Technology; United States House Science Subcommittee on Energy; and Chair Subcommittee on Research and Technology; and Representative Suzan DelBene (D-WA) Member, House Ways and Means Committee; Select Committee on the Modernization of Congress and Vice-Chair of the New Democrat Coalition, and co-chair of the Women’s High Tech Caucus, and Internet of Things Caucus.
Discussion topics included ISA priorities, including: Our global approach to educating corporate directors about cyber-risk oversight, given your sponsorship of the Cybersecurity Disclosure Act; using economic-analysis to measure risk and provide recommendations to DHS and the private sector to enhance critical infrastructure and cross-sector cybersecurity; testing and expanding sophisticated economics-based cybersecurity models and practices so they can be better deployed throughout the cyber-ecosystem; and, examining how regulatory coordination and streamlining, including the public-private work in the financial sector which may be of interest to your service on the Financial Services Committee.
Rep. Elissa Slotkin converses with the ISA Board of Directors
April 2019 ISA Board and Congressional Advocacy
In April 2019, during the ISA Board of Directors meeting, the board met with Congressman Mike Rogers, the ranking member of the House Homeland Security Committee, on cybersecurity matters, including regulatory harmonization.
ISA Congressional Advocacy At Work
The Internet Security Alliance has been called on to testify before Congress 15 separate times and has provided 20 witnesses for those hearings, such as board members.
Congressional outreach is a core function of ISA policy advocacy. We’re regularly on Capitol Hill with our staff and our board members, whether on a mission of education or because of a new policy development.
In March 2017, ISA board members met with a string of representatives, including Sen. Mike Rounds (R-S.D.), chairman of the Senate Armed Services cybersecurity subcommittee and Sen. Cory Gardner (R-Colo,) co-founder of the Senate Cybersecurity Caucus.
Being on Capitol Hill isn’t an infrequent experience for the ISA board. And the outreach pays dividends.
In the 112th Congress, a high-level House task force endorsed the approach laid out by ISA favoring market-based principles as the pathway toward improved cybersecurity.
When the House Republican Cybersecurity Task Force (pdf) convened, ISA was the first witness called to provide recommendations. The final report, published in October 2011, mirrored ISA recommendations and lifted language virtually identical to ISA Cybersecurity Social Contract publications.
In 2012, the ISA mobilized against cybersecurity bills that would have burdened industry with a regulatory approach to cybersecurity in the vein of Sarbanes-Oxley. ISA believed regulation was not the answer and maintained that a significant effort was needed to combat the growing cyber threat. We brought together a industry coalition based on an alternative model of industry standards and practices reinforced by market incentives. We later saw our effort picked up by the Obama administration, in the form of Executive Order 13636.
Click on the links below for ISA written statements before congressional committees.
- Larry Clinton’s Statement to U.S. Senate Committee on Commerce, Science, and Transportation
- Larry Clinton Testimony – House – “Cyber Security: What the Federal Government Can Learn from the Private Sector”
- ISA Testimony Leads To Bipartisan Cyber Incentives Effort
- Larry Clinton Testimony – House Energy & Commerce Testimony (Oral and Written with FNs)
- CYBERSECURITY: Threats To Communications Networks And Private-Sector Responses
- Larry Clinton – House Homeland Security Subcommittee
- Larry Clinton – Senate Judicary Committee
- Larry Clinton – House Energy and Commerce Subcommittee
- CYBERSECURITY: Network Threats And Policy Challenges
- Enhancing And Implementing The Cybersecurity Elements Of The Sector Specific Plans
- The Communication Sector Coordinating Council And Cyber Security
- CYBER GROUPS: A Review Of Public And Private Efforts To Secure Our Nation’s Internet Infrastructure
- CYBERSECURITY: Protecting America’s Critical Infrastructure, Economy, And Consumers
- H.R. 285: Department of Homeland Security Cybersecurity Enhancement Act of 2005
- Protecting Our Nation’s Cyber Space: Educational Awareness For The Cyber Citizen
- The DHS Infrastructure Protection Division; Public-Private Partnerships To Secure Critical Infrastructures
- COMPUTER VIRUSES: The Disease, The detection, And The Prescription For Protection
- COMPUTER VIRUSES: The Disease, The Detection, And The Prescription For Protection
- C-Span Cyber Security Policy Briefing
- CYBER SECURITY: Private-Sector Efforts Addressing Cyber Threats
- HOLES IN THE NET: Security Risks And The e-Consumer
- Fighting Cybercrime: Efforts by Private Business Interests