Tysons, VA—The Information Sharing and Analysis Organization Standards Organization (ISAO SO) hosted its fourth public forum at LMI headquarters in Tysons, VA on September 1. The forum, open to the general public and streamed online, attracted over 100 attendees and participants from multiple industry sectors, government, and academia. The public forum series augments the ISAO SO’s monthly online meetings and increased collaboration, facilitated discussions and generated feedback regarding the development of voluntary guidelines for the creation and functioning of ISAOs.
“The Information Sharing ecosystem has grown significantly over the past year. This public forum continued that trend and increased momentum as the ISAO SO prepares for the release of ISAO 100-1 and 600-1,” stated Dr. Gregory B. White, Executive Director, ISAO SO. “Public feedback continues to be the cornerstone of the ISAO SO as we work to improve the posture of our Nation’s cybersecurity.”
The fourth public forum marked a major transition in the information sharing conversation. Over the past year, the ISAO SO has established the ISAO community and focused on the development of the initial document creation. With this foundation established, today’s public forum focused on the implementation and support of the ISAO movement.
“The measure of merit we’ve established to guide all of our actions is to ask ourselves if we are growing the ecosystem and increasing its capabilities,” stated Rick Lipsey, Deputy Director, ISAO SO. “Our efforts and conversations at the forum push us closer to this goal as we turn our attention to implementation and support of ISAOs.”
Attendees participated in discussions regarding ISAO 100-1, Guidelines for Establishing an ISAO, and ISAO 600-1, U.S. Government Relations, Programs, and Services. This first set of guidelines will be released on September 30 on ISAO.org. These guidelines have been developed by over 160 working group members with the help of feedback from three previous public forums and two Request for Comment periods.
The public forum featured remarks from Michael Daniel, Special Assistant to the President and Cybersecurity Coordinator. Mr. Daniel highlighted the importance of the growth of the ISAO community. “The work you are doing is so important to put in place the critical building blocks we need,” he explained. “These building blocks will be used around the world as other countries look to us as leaders in cybersecurity.”
Panels featured executives and experts from across the nation with diverse backgrounds and experiences. The ISAO Services and Capabilities panel, moderated by Brian Engle (ISAO-SO), included industry leaders Denise Anderson (NHISAC), Kent Landfield (Intel), Chip Wickenden (FS-ISAC) and Stuart Gerson (Epstein Becker & Green). The Building an ISAO panel, moderated by Rick Lipsey (ISAO-SO), featured information-sharing influencers Frank Grimmelmann (ACTRA), Doug DePeppe (eosEdge Legal), Norma Krayem (Holland & Knight) and Matt Shabat (DHS).
The ISAO SO, led by The University of Texas at San Antonio with support from LMI and the Retail Cyber Intelligence Sharing Center (R-CISC), was established in October 2015 to facilitate the implementation of Presidential Executive Order 13691, “Promoting Private Sector Cybersecurity Information Sharing.” The ISAO SO is developing cybersecurity sharing standards, guidelines, and best practices using an open and transparent process for developing consensus standards. The public forum is an important component of the organization’s public engagement to create consensus-based ISAO standards and guidelines.
Slides and the recordings from the public forum will be made available here.