ISAO Ecosystem Spotlight — July 25, 2018

The Information Sharing and Analysis Organization (ISAO) Standards Organization (SO) held a FREE webinar on July 25 with a Hot Topic presentation on the General Data Protection Regulation (GDPR), which became effective in May 2018. The GDPR heralded in an entirely new era for how entities need to look at and manage the privacy and information security of individuals.

GDPR requires a change in internal governance structures and how entities collect, manage, process, use personal data as well as how their vendors do as well. GDPR also expands the definition of what personal data means and includes severe penalties for non-compliance, 20 million euros or up to 4 percent of global annual revenue, whichever is higher.

The ISAO Ecosystem Hot Topic Spotlight webinar covered the basic components of GDPR and how it could impact cybersecurity information sharing efforts. It was presented by Norma Krayem, senior policy advisor and global chair, Holland & Knight Cybersecurity & Privacy Team.

Following the discussion on the GDPR, a Vendor Spotlight with Wapack Labs’ Chief Intelligence Officer Jeff Stutzman explained how you can transform your cybersecurity with the right intelligence and tools. Stutzman shared a ransomware cyber story, explaining what happened and how it was solved.

Presentation Materials

Norma Krayem is a Sr. Policy Advisor & Global Chair with Holland & Knight Cybersecurity & Privacy Team. She brings more than 20 years of global policy experience and held executive positions in the U.S. Departments of State, Commerce and Transportation. She works with public sector and Fortune 500 clients to develop strategies designed to build and maintain a competitive edge. Krayem specializes in the impacts of cyber and privacy issues in critical sectors, including banking and financial services, insurance, energy, communications, health, transportation and many others.

She also works with U.S and international regulators on global cybersecurity and privacy issues including in bilateral and multilateral agreements spanning the G7, G20, EU, APEC and other multinational organizations. She has worked U.S.-EU programs including the Safe Harbor program, Privacy Shield, the General Data Protection Regulation (GDPR) and others including the APEC Cross Border Privacy Rules.

During her extensive career in Washington, D.C., Krayem provided key insight and guidance to major officials at the White House, in Congress and in nations around the world. She uses her diverse and comprehensive experience to help clients understand and integrate in dynamic technology solutions including the use of, and the implications from, Big Data, IoT, blockchain/DLT, machine learning and Artificial Intelligence. Inherent to the approach is an awareness of the need for “privacy by design” and “security by design.” She has been an active member of the ISAO SO system since its inception and Co-Chairs the ISAO Privacy and Security Working Group as well as the International Working Group.


Wapack Labs is a private cyber intelligence organization that performs research, analysis and intelligence operations. The Lab authors cyber threat intelligence and analysis for the global memberships of the Red Sky Alliance, the Financial Services ISAC and the Maritime and Port Security ISAO.

Prior to Wapack Labs, Stutzman served as a director at the DoD Cyber Crime Center (DC3). Stutzman has ‘boots on the ground’ experience in more than two dozen high-risk cyber threat areas including China, Brazil, the Middle East and South America.

Stutzman has held operational and senior positions with Cisco Systems, Northrop Grumman, Carnegie Mellon University, the DoD Cyber Crime Center and is a former Navy Intelligence Officer. He has been cited in the Wall Street Journal, Wired Magazine, NH Public Radio and numerous trade publications. Stutzman also holds a BS from Excelsior College, an MBA from Worcester Polytechnic Institute and is a Harvard Kennedy School Senior Executive Fellow.