The Information Sharing and Analysis Organization Standards Organization (ISAO SO) announced on January 15 the volunteers it selected to serve as chairs for the six initial Standards Working Groups. Among the chosen working group chairs are leaders and members of the National Council of ISACs (NCI).
Denise Anderson, President of the National Heath ISAC, is Chair, ISAO Capabilities Working Group. Vice Chair is Fred Hintermister, Manager, Cross Sector, at Electricity ISAC. Anderson and Hintermister are Chair and Vice Chair, respectively, of the National Council of ISACs. Leading the working group on ISAO Support is Carlos Kizzee, Executive Director of the Defense Security Information Exchange, which is also affiliated with the NCI. In addition, several leaders of the nation’s ISACs are supporting the ISAO standards development effort as working group members. The other four working groups are: ISAO Creation, Information Sharing, Privacy and Security and Government Relations, all led by experts in their respective fields.
“The ISAC community has many years of experience as pioneers in private sector information sharing,” says Anderson. “The National Council of ISACs is dedicated to supporting information sharing within sectors and on a cross-sector basis, and we are excited to play such a vital role helping to develop ISAO best practices.”
The ISAO SO was established late last year under the February 2015 White House Executive Order on Promoting Private Sector Cybersecurity Information Sharing. Its purpose is to work with stakeholders to identify a common set of voluntary standards for the creation and functioning of ISAOs, which are intended to improve the Nation’s cybersecurity posture and resiliency by deepening and broadening the timely exchange of cybersecurity threat and incident response information.
Formed in 2003, the NCI today comprises 24 Information Sharing and Analysis Centers (ISACs) and other organizations recognized within their respective sectors as primary information sharing and operational arms. ISACs help critical infrastructure owners and operators protect their facilities, personnel, and customers from cyber and physical security threats and other hazards. ISACs collect, analyze, and disseminate actionable threat information to their members and provide members with tools to mitigate risks and enhance resiliency. The first ISAC was established in 1999 and many ISACs have been operating for more than 10 years.
For more information about the ISAO SO’s work, visit www.isao.org.