Online Public Forum – April 27, 2017

The ISAO SO hosted the April Online Public Forum on April 27, 2017. The guest speaker was Tom Millar, United States Computer Emergency Readiness Team’s (US-CERT) Chief of Communications. Mr. Millar discussed the use of Traffic Light Protocol (TLP) to facilitate greater sharing of information, and the experiences that led to standardizing it under the Forum of Incident Response and Security Teams, or FIRST as it is known.

The ISAO SO followed Mr. Millar’s presentation with an update on the Request for Comment period, currently taking place through May 5, 2017 on three draft documents: ISAO Special Publication 1000: Forming a Tax-Exempt Entity; ISAO Special Publication 4000: Guiding Practices to Advance Consumer Privacy in Cybersecurity Information Sharing; and ISAO Special Publication 8000: Frequently Asked Questions for ISAO General Counsels. The documents can be found on the Draft Products page on the ISAO website. A list of Future Documents currently being developed by our working group members was also shared during the forum.

The ISAO SO announced it is seeking new members to work on the development of documents and products related to Information Sharing Analysis. Interested experts can apply to be part of Analysis working group on the Join a Working Group page. In general, the ISAO SO is always looking for new volunteers to participate in the working groups, over 150+ experts from various industry sectors, government, and academia have already joined. The web-based application takes less than three minutes to complete.

Participants in the forum also heard the latest news about the International Information Sharing Conference. The ISAO SO is proud this two-day event will conclude National Cybersecurity Awareness Month. This unique conference will go beyond discussing current cyber information sharing topics, vendors will have the opportunity to show conference attendees by demonstrating competing platforms and services. Time is running out to lock in the discounted rate of $295—Early Bird registration ends May 31! The deadline to submit an abstract to present, speak on a panel or lead a breakout session also ends on May 31, 2017, please visit the Call for Topics and Speakers to submit a proposal today. Expo and Sponsorship details can also be found on the conference home page. IISC 2017 takes place October 31-November 1 in Washington D.C.

Public feedback remains vital to developing future documents and growing the information sharing community. We appreciate your continued support in our joint effort to make the Nation more secure and resilient.

Presentation Materials

About Tom Millar

Tom Millar serves as the United States Computer Emergency Readiness Team’s (US-CERT) Chief of Communications, a role which finds him at the intersection of outreach, awareness, standards development, and technical interoperability initiatives. In this role, Mr. Millar is focused on modernizing US-CERT’s approaches to information sharing, knowledge exchange and coordination. Since joining US-CERT in 2007, he has played a significant role in US-CERT’s response activities during major cyber events such as the Distributed Denial of Service (DDoS) attacks on Estonia in 2007, the outbreak of the Conficker worm, and the DDoS attacks on major U.S. Government and commercial Web sites in 2009.

Mr. Millar has previously worked as a team lead for intrusion detection and analysis at the FBI’s Enterprise Security Operations Center. Prior to his cybersecurity career, he served as a linguist with the 22nd Intelligence Squadron of the United States Air Force.

Mr. Millar has a Master’s of Science in Engineering Management from the George Washington University.