ISA has a long history of providing cutting-edge programs on information sharing.
ISA was founded in 2000 as an exclusive partnership with Carnegie Mellon CERT/cc to initially provide the private sector with Internet threat, vulnerability and mitigation information, which, up until that point, had only been available to the U.S. federal government.
With the advent of DHS, the US CERT, and entry of other information providers, ISA has focused instead on evolving a more contemporary model of information sharing that will generate more timely and actionable information than is generally available to the private sector. ISA uses its multiple relationships with the federal government to facilitate this operational capability and advocate for modernizing the information sharing system to make it more useful.
Among the cutting-edge efforts ISA has championed is the Stonewall program modeled on the methods that ISA sponsors, such as Raytheon as well as others, have developed in the face of the Advanced Persistent Threat (for more information on Raytheon’s command and control disruption strategy, please click here for Jeff Brown’s publication).
ISA first proposed this program in 2009 as part of the 60-day Cybersecurity Review undertaken by Melissa Hathaway, which ultimately led to President Obama’s “Cyberspace Policy Review,” a publication wherein the ISA program is referenced (click here for report). The program is also endorsed by the multi-trade association white paper on cyber security and was featured in a Congressional Cyber Security Caucus briefing hosted by its Co-Chairs, Congressmen Mike McCaul (R-TX) and Jim Langevin (D-RI), as well as in a briefing before the House Republican Cybersecurity Task Force chaired by Mac Thornberry (R-TX).
Based on the experience of ISA’s DIB members, ISA has also promoted expanding certain elements of the DIB Information Sharing Program. With appropriate modifications, ISA believes that elements from this Program can serve as models for other sectors.
Such promotion activities by ISA have been highly effective. In February 2013, President Obama issued Executive Order 13636: Improving Critical Infrastructure Cybersecurity (click here to read the Executive Report), which announced the creation of an indicator sharing program similar to the one espoused by ISA. In a bipartisan effort, U.S. House of Representatives passed the “Cyber Intelligence Sharing and Protection Act” (CISPA) in April 2013. This legislation, like the indicator sharing program announced in the Presidential Executive Order, utilizes the market and market incentives to enhance cybersecurity indicator sharing while protecting civil liberties.