isa presentation to aba
play

ISA Presentation to ABA 1. Who is the ISA? 2. Review of activities in - PowerPoint PPT Presentation

Nov 19, 2022 •187 likes •476 views

Larry Clinton President Internet Security Alliance lclinton@isalliance.org 703-907-7028 (O) 202-236-0001 (C) ISA Presentation to ABA 1. Who is the ISA? 2. Review of activities in relation to the Obama Administrations Report on Cyber

  1. Larry Clinton President Internet Security Alliance lclinton@isalliance.org 703-907-7028 (O) 202-236-0001 (C)

  2. ISA Presentation to ABA 1. Who is the ISA? 2. Review of activities in relation to the Obama Administration’s Report on Cyber Security (May 2009) 3. Raise Issues of particular interest to the ABA based on the Obama Administration Outline on Cyber Security

  3. ISA Board of Directors J. Michael Hickey, 1 st Vice Chair Ty Sagalow, Esq. Chair VP Government Affairs, Verizon President Innovation Division, Zurich Marc-Anthony Signorino, Treas. Tim McKnight Second V Chair, National Assoc. of Manufacturers CSO, Northrop Grumman • Ken Silva, Immediate Past Chair. CSO VeriSign • Gen. Charlie Croom (Ret.) VP Cyber Security, Lockheed Martin • Jeff Brown, CISO/Director IT Infrastructure, Raytheon • Eric Guerrino, SVP/CIO, bank of New York/Mellon Financial • Lawrence Dobranski, Chief Strategic Security, Nortel • Pradeep Khosla, Dean Carnegie Mellon School of Computer Sciences • Joe Buonomo, President, DCR • Bruno Mahlmann, VP Cyber Security, Perot Systems

  4. Our Partners

  6. The Old Web

  7. The Web Today Source: http://cm.bell-labs.com/who/ches/map/gallery/index.html

  8. Internet Security Alliance Priority Projects 1. Public Policy: “The Cyber Security Social Contract: Recommendations to Obama 2. Financial Risk Management of Cyber Events 3. Securing the Globalized IT Supply chain 4. Securing the Unified Communications Platform 5. Modernizing Law in the Digital Age

  9. Releasing the Cyber Security Social Contract November, 2008

  10. What to Tell President Obama? 1. We need to increase our emphasis and investment on cyber security 2. Cyber Security must be recognized as critical infrastructure maintenance 3. Cyber Security is not a “IT” problem. 4. Cyber security is a enterprise wide risk management problem 5. Government and Industry need new relationship

  11. Cyber Social Contract • Similar to the agreement that led to public utility infrastructure dissemination in 20 th century • Infrastructure development through market incentives • Consumer protection through regulation • Gov role to motive is more creative— harder • Industry role is to develop practices and standards and implement them

  12. President Obama’s Report on Cyber Security (May 30 2009) » The United States faces the dual challenge of maintaining an environment that promotes efficiency, innovation, economic prosperity, and free trade while also promoting safety, security, civil liberties, and privacy rights. (President’s Cyber Space Policy Review page iii) » Quoting from Internet Security Alliance Cyber Security Social Contract: Recommendations to the Obama Administration and the 111 th Congress November 2008

  13. President Obama’s Report on Cyber Security (May 30, 2009) » The government, working with State and local partners, should identify procurement strategies that will incentivize the market to make more secure products and services available to the public. Additional incentive mechanisms that the government should explore include adjustments to liability considerations (reduced liability in exchange for improved security or increased liability for the consequences of poor security), indemnification, tax incentives, and new regulatory requirements and compliance mechanisms. President’s Cyber Space Policy Review May 30, 2009 page v » Quoting Internet Security Alliance Cyber Security Social Contract: Recommendations to the Obama Administration and 111 th Congress

  14. The need to understand business economics to address cyber issues » If the risks and consequences can be assigned monetary value, organizations will have greater ability and incentive to address cybersecurity. In particular, the private sector often seeks a business case to justify the resource expenditures needed for integrating information and communications system security into corporate risk management and for engaging partnerships to mitigate collective risk. Government can assist by considering incentive- based legislative or regulatory tools to enhance the value proposition and fostering an environment that encourages partnership.” --- President’s Cyber Space Policy Review May 30, 2009 page 18

  15. Financial Management of cyber Risk • It is not enough for the information technology workforce to understand the importance of cybersecurity; leaders at all levels of government and industry need to be able to make business and investment decisions based on knowledge of risks and potential impacts. – President’s Cyber Space Policy Review May 30, 2009 page 15 • ISA-ANSI Project on Financial Risk Management of Cyber Events: “50 Questions Every CFO should Ask ----including what they ought to be asking their General Counsel and outside counsel. Also, HR, Bus Ops, Public and Investor Communications & Compliance

  16. Financial Impact of Cyber Risk October, 2008

  17. Securing the IT Supply Chain » The challenge with supply chain attacks is that a sophisticated adversary might narrowly focus on particular systems and make manipulation virtually impossible to discover. Foreign manufacturing does present easier opportunities for nation-state adversaries to subvert products; however, the same goals could be achieved through the recruitment of key insiders or other espionage activities. ---- President’s Cyber Space Policy Review May 30, 2009 page 34

  18. Securing The IT Supply Chain In The Age of Globalization November, 2007

  19. Appendix C of Obama Administration Report: Conclusion – The history of electronic communications in the United States reflects steady, robust technological innovation punctuated by government efforts to regulate, manage, or otherwise respond to issues presented by these new media, including security concerns. The iterative nature of the statutory and policy developments over time has led to a mosaic of government laws and structures governing various parts of the landscape for information and communications security and resiliency. Effectively addressing the fragmentary and diverse nature of the technical, economic, legal, and policy challenges will require a leadership and coordination framework that can stitch this patchwork together into an integrated whole. President’s Cyber Space Policy Review May 30, 2009 page C-12

  20. Developing SCAP Automated Security & Assurance for VoIP & Converged Networks September, 2008

  21. ISA Unified Communications Legal Compliance Analysis (June 2009) 1.Descibes available Unified Communications (UC) Technologies 2. Describes Security Risks of Deployment 3. Inventory of Laws to be considered pre deployment 4. Analysis if ECPA creates a legal barrier to deployment 5 Toolkit for lawyers and clients to assist in avoiding exposure from deployment

  22. Congressional Testimony October, 2007

  23. ISA Proposed Incentives (Testimony E & C May 1, 2009) 1. R & D Grants 2. Tax incentives 3. Procurement Reform 4. Streamlined Regulations 5. Liability Protection 6. Public Education 7. Insurance 8. SBA loans 9. Awards programs 10. Cyber SAFETY Act

  24. Proposed Incentives: Liability » The Federal government should consider options for incentivizing collective action and enhance competition in the development of cybersecurity solutions. For example, the legal concepts for “standard of care” to date do not exist for cyberspace. Possible incentives include adjustments to liability considerations (reduced liability in exchange for improved security or increased liability for the consequences of poor security), indemnification, tax incentives, and new regulatory requirements and compliance mechanisms. --- Obama Administration’s Report on Cyber Security May 2009 page 28)

  25. Liability Questions • Who is at fault? (vendors?/purchasers?/ individuals?) • Does new technology (CLOUD) make legal liability impossible to determine? • Is a legal liability solution too time consuming? • Is a legal liability solution counter- productive? • Would incentives be better?

  26. Other Legal Issues That need to be Resolved » Scores of legal issues emerged, such as considerations related to the aggregation of authorities, what authorities are available for the government to protect privately owned critical infrastructure, the placement of Internet monitoring software, the use of automated attack detection and warning sensors, data sharing with third parties within the Federal government, and liability protections for the private sector. (Obama Administration’s Report on Cyber Security May 2009 page 3)

  27. Cyber Security as a New Business Opportunity • “Military contractors are now in the enviable position of turning what they learned from protecting sensitive Pentagon data that sits on their own computers, into a lucrative business that could replace revenue form the cancellation of conventional weapons systems as the demand for greater computer security spreads to health care, energy and the rest of the critical infrastructures.” NY Times 5/31/09

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Presentation Objectives: Computerized management information systems overview. Approaches to

Presentation Objectives: Computerized management information systems overview. Approaches to

International Co-operative Alliance (ICA) Cooperative Data Management Methods and Techniques A Workshop Paper Presented at the Co-operative Registrars/Commissioners/Directors, Co-operative Leaders and Managers Workshop Held in Harare. 08 th

561 views • 52 slides
GMTA COLLABORATION WITH IMDRF: Third Anniversary About GMTA Who are we? What do we do?

GMTA COLLABORATION WITH IMDRF: Third Anniversary About GMTA Who are we? What do we do?

GMTA COLLABORATION WITH IMDRF: Third Anniversary About GMTA Who are we? What do we do? How do we work with IMDRF? Who Are We? Origins date to 1990s as informal network Formally established in 2010 Secretariat and website

621 views • 12 slides
Definitions March 2020 1 Disclaimer March 2020 This presentation of RIB Software SE (the

Definitions March 2020 1 Disclaimer March 2020 This presentation of RIB Software SE (the

Definitions March 2020 1 Disclaimer March 2020 This presentation of RIB Software SE (the Company) contains forward -looking statements. These statements can be identified by terminology such as will, expects,

681 views • 11 slides
intelligent cargo handling Investor presentation February 2020 1 Investor presentation

intelligent cargo handling Investor presentation February 2020 1 Investor presentation

Investor presentation, February 2020 Becoming the leader in intelligent cargo handling Investor presentation February 2020 1 Investor presentation February 2020 2 Content 1. Cargotec in brief 2. Investment highlights 3. Kalmar 4. Hiab

1.02k views • 99 slides
Financial Presentation ( Six Months Ended September 30, 2015 ) Goro Yamaguchi President and

Financial Presentation ( Six Months Ended September 30, 2015 ) Goro Yamaguchi President and

October 30, 2015 Financial Presentation ( Six Months Ended September 30, 2015 ) Goro Yamaguchi President and Representative Director Toda day ys Presen s Presenta tation tion 1. F 1. Finan nancial R ial Resul esults for th s

444 views • 26 slides
Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud

Session 5b Privacy, Data Security and Legal Considerations in Software as a Service and Cloud Computing Services for Educational Institutions Presented by: Cristina Blanton Erin Fonte Associate Systemwide Compliance and Member, Privacy

310 views • 28 slides
Accelerating Business Performance through Market-driven Demand Analytics and Supply Chain

Accelerating Business Performance through Market-driven Demand Analytics and Supply Chain

Accelerating Business Performance through Market-driven Demand Analytics and Supply Chain Optimization ToolsGroups Powerfully Simple software solutions deliver improved business outcomes in complex demand-driven environments. ToolsGroup

171 views • 4 slides
The Blockchain Alliance for Liquid Value Networks Building a Fairer, Faster Global Value Exchange

The Blockchain Alliance for Liquid Value Networks Building a Fairer, Faster Global Value Exchange

The Blockchain Alliance for Liquid Value Networks Building a Fairer, Faster Global Value Exchange Micha Roon, Sweetbridge Who is Sweetbridge? We transform high-friction value chains into Liquid Value Networks. We use Blockchains , Smart

537 views • 25 slides
BUSINESS NAMES Business Law Reform Private Sector Development

BUSINESS NAMES Business Law Reform Private Sector Development

BUSINESS NAMES Business Law Reform Private Sector Development Ini>a>ve Overview What business names are and how theyre used When you need to register a business name How to

468 views • 12 slides
Business Assistance Program Los Angeles County Economic Development Corporation (LAEDC) Los

Business Assistance Program Los Angeles County Economic Development Corporation (LAEDC) Los

Free and Confidential Business Assistance Program Los Angeles County Economic Development Corporation (LAEDC) Los Angeles County Workforce Development, Aging and Community Services (LAC WDACS) Joe Torres Area Director What are the Challenges

674 views • 11 slides
Accessibility Statement City of Lakeland Broadband Business Plan - DRAFT by Magellan Advisors

Accessibility Statement City of Lakeland Broadband Business Plan - DRAFT by Magellan Advisors

Accessibility Statement City of Lakeland Broadband Business Plan - DRAFT by Magellan Advisors The City of Lakeland is committed to facilitating the accessibility and usability of its website, lakelandgov.net, and all documents therein for all

150 views • 13 slides
Q1 FY19 Financial Update Salesforce NYSE: CRM @Salesforce_ir 1 Safe Harbor "Safe

Q1 FY19 Financial Update Salesforce NYSE: CRM @Salesforce_ir 1 Safe Harbor "Safe

Q1 FY19 Financial Update Salesforce NYSE: CRM @Salesforce_ir 1 Safe Harbor "Safe harbor" statement under the Private Securities Litigation Reform Act of 1995: This presentation contains forward-looking statements about our

421 views • 26 slides
Group SECOND QUARTER 2018 2 Disclaimer This document is only provided for information purposes

Group SECOND QUARTER 2018 2 Disclaimer This document is only provided for information purposes

Group SECOND QUARTER 2018 2 Disclaimer This document is only provided for information purposes and does not constitute, nor should it be interpreted as, an offer to sell or exchange or acquire, or an invitation for offers to buy securities

475 views • 25 slides
Intercity and Regional Bus Network Study Statewide TAC Meeting #1 Kick off Kick off Agenda

Intercity and Regional Bus Network Study Statewide TAC Meeting #1 Kick off Kick off Agenda

Intercity and Regional Bus Network Study Statewide TAC Meeting #1 Kick off Kick off Agenda Meeting Goal: Understand TAC role and l d d l d responsibility and initiate development of service objective and issue statements.

486 views • 26 slides
STATEWIDE RURAL REGIONAL BUS NETWORK Impl pleme ementi nting ng the C Colora lorado do

STATEWIDE RURAL REGIONAL BUS NETWORK Impl pleme ementi nting ng the C Colora lorado do

STATEWIDE RURAL REGIONAL BUS NETWORK Impl pleme ementi nting ng the C Colora lorado do Inter ercit city a y and R d Regio iona nal B l Bus Netwo work rk Pla Plan May 23 th , 2016 DRCOG TAC 1 DIVISION OF TRANSIT AND RAIL

409 views • 16 slides
Transit Connections Focus Group Strengthening Tucsons Frequent Transit Network February 22,

Transit Connections Focus Group Strengthening Tucsons Frequent Transit Network February 22,

City of Tucson Transit Connections Focus Group Strengthening Tucsons Frequent Transit Network February 22, 2018 Kick-off Meeting 9-11am TDOT, 201 N Stone, 4 th Floor Conf. Room 1 Agenda Welcome and Introductions Jenn Toothaker,

804 views • 54 slides
Reimagining Staten Island Bus Service Delivering more direct, reliable express service for

Reimagining Staten Island Bus Service Delivering more direct, reliable express service for

Reimagining Staten Island Bus Service Delivering more direct, reliable express service for riders 1 Staten Islands express bus service was designed in the 1960s. The network has evolved through piecemeal changes since. Thats not a

220 views • 17 slides
Greater Bristol Bus Network September 2008 The project so far Initial submission to the

Greater Bristol Bus Network September 2008 The project so far Initial submission to the

Greater Bristol Bus Network September 2008 The project so far Initial submission to the Department for Transport in July 2005 Summer 2006 the DfT in agreement with the scheme Final bid in March 2007 DfT awarded 42.3m in

299 views • 13 slides
M t Metrobus b Priority Corridor Network Presented to the Board of Directors: Planning,

M t Metrobus b Priority Corridor Network Presented to the Board of Directors: Planning,

M t Metrobus b Priority Corridor Network Presented to the Board of Directors: Planning, Development and Real Estate Committee Ma May 22, 2008 22 2008 1 Presented to the Riders' Advisory Council October 1, 2008 Purpose Purpose

468 views • 21 slides
More Service. Better Service. Your Service. Why Reimagining? 12 6.0 Millions 0 10 5.0 0

More Service. Better Service. Your Service. Why Reimagining? 12 6.0 Millions 0 10 5.0 0

More Service. Better Service. Your Service. Why Reimagining? 12 6.0 Millions 0 10 5.0 0 Annual Boardings Est. 80 4.0 60 3.0 METRO has experienced a significant drop in local bus ridership 40 2.0 20 1.0 0 0.0 YEAR 1999 2000

209 views • 16 slides
Regional Integration of Public Transit - From the Perspective of a Transit Company April 2019

Regional Integration of Public Transit - From the Perspective of a Transit Company April 2019

Regional Integration of Public Transit - From the Perspective of a Transit Company April 2019 Thomas Werner MVG Munich Facts about Munich Capital of the State of Bavaria Population: City ca. 1.5 million Greater Munich area: 3 million

513 views • 24 slides
WALKING SCHOOL BUS Piedmont Triad Regional Council - Robert Johnson The PedNet Coalition

WALKING SCHOOL BUS Piedmont Triad Regional Council - Robert Johnson The PedNet Coalition

WALKING SCHOOL BUS Piedmont Triad Regional Council - Robert Johnson The PedNet Coalition Formed in April, 2000 7,000+ supporters in Columbia Mission : The Mission of the PedNet Coalition of Columbia, MO is to encourage active

439 views • 25 slides
SacRT Board Meeting February 25, 2019 Agenda Item #7 1 SacRT Forward Major Goals Included:

SacRT Board Meeting February 25, 2019 Agenda Item #7 1 SacRT Forward Major Goals Included:

Y SacRT Board Meeting February 25, 2019 Agenda Item #7 1 SacRT Forward Major Goals Included: New Regional Mobility Options Develop New Bus Network Y Engage the Public Understand Travel Demand Patterns 2 Public Involvement

885 views • 84 slides
Kirkland Transportation Commission October 26, 2016 1 Why now? By 2040 our region will increase

Kirkland Transportation Commission October 26, 2016 1 Why now? By 2040 our region will increase

Kirkland Transportation Commission October 26, 2016 1 Why now? By 2040 our region will increase by: What will it take to respond to these needs? 70% 1m 850k GROWTH in Metro service, from 3.5 million service hours to 6 million hours

311 views • 18 slides

More recommend