Government Relations Considerations v0.2 (SWG6)

Request For Comment

The Role of Government Subgroup of Standards Working Group 6, Government Relations, has conducted its initial review of the tasks that it has been charged to perform as part of the ISAO Standards Organization’s efforts to issue guidance to existing and emerging ISAOs. The first report of the Role of Government Subgroup provides a consensus view concerning the scope, strategy, and outputs related to the role in which government agencies should participate in ISAO efforts nationally.

Although the first public comment period is now closed, we still welcome your input. While your comments may not be included in the next round of published drafts, they will be considered for future revisions.

Download This Draft Document
Having trouble viewing this document?

Submitted Comments

Line ReferenceCommentDisposition
GeneralThese comments were submitted by The InfraGard National Capital Region Members Alliance (INCRMA), Regulatory & Policy Working Group, whose members hail from both government and industry. The InfraGard National Capital Region Members Alliance (INCRMA) is an alliance with the FBI's Washington Field Office and individuals committed to protecting the nation's critical infrastructure. Our chapter has the same footprint as the FBI field office with which we are aligned - Washington, DC and northern Virginia. Our mission is to improve and extend information sharing between critical infrastructure stakeholders, in both the private and public sectors, with the government, particularly the FBI, to protect those infrastructure assets from physical and/or cyber attack. As a result of this exchange, timely information and intelligence is delivered, investigations are initiated and/or enhanced, vital economic and national security assets are protected, and lasting relationships are formed between law enforcement and infrastructure owners/operators.Accepted
GeneralIn addition to other partnerships, the Anti-Phishing Working Group is a great prospect. http://apwg.org/about-APWG/APWG/ Accepted
216More information on the CISA protections would be highly advisable.Accepted
221Suggest the DHS AIS program be referenced separately since it is not part of the CISA description.Accepted
232-237Suggest PCII information be moved to PCI Program Information (175), since it is not part of CISA description.Accepted
237Typo in referencing the CISAAccepted
238What CISA legal protections apply to sharing cyber threat information between peer-to-peer ISAOs? Will peer-to-peer exchange have the same level of protections that ISAO to Government have, such as protection from FOIA requests and protection from civil litgation and regulatory action? Deferred
238Will the CISA protections covered all types of information exchanged, including more contextual information, i.e., where information about the threat actor and campaign is identified? Deferred