ISA has long been a go-to source of expert testimony and commentary on all things cyber security for news organizations across all media formats.  Below is a sampling of newspaper and online  articles featuring ISA commentary.


Public News Service ReportsFarms Big and Small Prime Targets for Cyber Attacks (4.18.2015)
Officials from the FBI and the Justice Department held a roundtable recently at Iowa State University, emphasizing the seriousness of cyber attacks for a surprising target – the agriculture industry. It’s a subject familiar to Larry Clinton, president of Internet Security Alliance, an information security think tank. He says many of the agriculture industry’s closely held secrets are vulnerable.”There’s valuable soil and content data,” he explains. “There’s GMO variables. There’s pesticide and chemical formulas, genetic engineering, innovative animal breeding techniques, planting, harvesting, processing, storage, transporting. There’s a lot of important business data there.”…SOURCE

PR Newswire Reports:  Leading Figures in Cybersecurity and Privacy Advocate for an End to the War Between Privacy and Security (2.23.2016)
The ‘Digital Equilibrium Project’ works to bring differing views together in pursuit of a digital constitution to support a safer world for individuals, organizations and nations.  Cybersecurity, government and privacy experts are banding together as part of The ‘Digital Equilibrium Project’ to foster a new, productive dialogue on balancing security and privacy in the connected world. The project aims to address the underlying issues fueling acrimonious debates like the contentious court order between Apple and the U.S. Government.The diverse group includes current and former leaders of some of the world’s largest cybersecurity firms and organizations, former officials in the NSA and national law enforcement, and leaders of some of the nation’s most influential privacy organizations. These individuals believe new thinking and collaboration is needed to avert potential catastrophes as the digital and physical worlds become more interdependent…. SOURCE

Bank Info Security Reports:  Obama Creating Federal Ciso Post (2.9.2016)
President Obama is creating the position of federal chief information security officer as part of a multifaceted initiative aimed at strengthening the nation’s IT security. Related steps include the formation of a public-private Commission on Enhancing National Cybersecurity, as well as a proposal to boost government cybersecurity spending next fiscal year by 35 percent to $19 billion. “Cyberthreats are a national-security risk few of my predecessors faced, but they will be ones my successors, regardless of party, must address,” Obama wrote in a Feb. 9 Wall Street Journal op-ed….SOURCE

GCN Reports Cybersecurity Underfunded, Industry Tells Congress (1.12.2016)
Agency IT managers who believe they do not have the resources to adequately fight cybersecurity threats got some backing from industry experts who voiced the same concerns to Congress.  At a Jan. 8 hearing held by two subcommittees of the House Science, Space and Technology Committee, Larry Clinton, president and CEO of the Internet Security Alliance, told lawmakers that the government must invest more in cybersecurity and act with greater urgency. “Government needs to follow the private sector’s lead,” he said, adding that top policymakers must be better educated about cybersecurity. “Now more and more, the senior administration officials are understanding that cybersecurity is not just for the IT department.”…SOURCE

Politico ReportsSCHOOLING UNCLE SAM (1.8.2016)

Here’s the cybersecurity three-step the federal government should be doing: Spend more on cyber, implement tougher cybersecurity policies and demand that senior officials pay more attention to the issue. Those are the first three of 10 recommendations Larry Clinton, president of the Internet Security Alliance, an industry group, plans to share with two House Science subcommittees during a hearing this morning. Clinton’s other recommendations include more research into the effectiveness of government initiatives such as the National Institute of Standards and Technology’s cybersecurity framework. In his testimony, VMWare Senior Vice President Martin Casado plans to urge the government to invest more in cyber defenses inside its networks rather than on the perimeter….SOURCE

The Daily Caller ReportsAmerica is loosing the ‘Cyber Arms Race’  (1.8.2016)

The federal government is falling behind in a “cyber arms race,” putting millions of taxpayers’ personal information at risk, digital security experts told a joint hearing of two congressional subcommittees Friday. Hackers ranging from hacktivists to state-sponsored attackers will continue threatening the federal government’s digital networks to steal personal information and state secrets unless agencies make major improvements, cyber experts told the Research and Technology, and Oversight subcommittees of the House Space, Science and Technology committee….SOURCE


GovInfoSecurity Reports: Congress Set to Enact Cyberthreat Information-Sharing Law (12.17.2015)
After years of failing to enact cyberthreat information-sharing legislation, Congress is poised to vote on a measure this week that would incentivize businesses to voluntarily share threat data with the federal government and with one another. The legislation, added to a 2,009-page omnibus $1.1 trillion spending bill, also would establish a process for the government to share threat information with businesses….SOURCE

Inside Cybersecurity Reports: Internet Security Alliance president outlines cyber partnership best practices (12.10.2015)
A new study by Internet Security Alliance president Larry Clinton outlines 10 best practices for government-industry partnerships on cybersecurity, ISA announced Wednesday. The new study highlights work from a research program led by Clinton and the Department of Homeland Security and lays out best practices endorsed by the Partnership for Critical Infrastructure Protection, the body representing all DHS-designated critical infrastructure sectors. The best practices call for senior level commitment to cyber partnership process…SOURCE

Washington Examiner Reports: Industry wary of power grab by feds on cybersecurity (12.7.2015)
The National Institute of Standards and Technology is launching a new initiative designed to energize industry-led efforts on cybersecurity amid concerns that federal and state regulators are increasingly eager to put their stamp on the issue. NIST, the highly esteemed agency headquartered in Gaithersburg, Md., is releasing a “request for information” about next steps for its framework of cybersecurity standards….SOURCE

SC Magazine Reports: Prospect of regulation hovers over cyber policy landscape (12.7.2015)
As 2015 nears an end, the industry-led, standards-driven strategy on cybersecurity remains a potent policy force, while signs – and fears – of a more prescriptive regulatory approach pop up across the cyber landscape. The National Institute of Standards and Technology is pursuing ways of keeping the voluntary approach vibrant and viable, while the Federal Communications Commission, the Transportation Department, the Department of Energy and others seek to help drive an industry-led strategy to the next level. But cybersecurity leaders at major industry groups say the prospects for top-down regulation are growing stronger….SOURCE

Inside Cybersecurity Reports: NIST process could help address cyber reg concerns in finance sector (12.3.2015)
Financial sector representatives are looking to an upcoming “request for information” on the federal framework of cybersecurity standards as a way to revitalize the voluntary, industry-led approach to cyber – and to head off conflicting regulatory moves. The National Institute of Standards and Technology is expected in the coming days to release the RFI, which will launch a dialogue on next steps for the framework and provide a venue for government and industry representatives to discuss overarching cybersecurity policy issues. “The NIST framework speaks to every sector and created a means to talk to our third-parties,” said a financial industry source. “But we’re reaching an inflection point where regulators are moving away from the NIST framework in a more compliance direction.”…SOURCE

Inside Cybersecurity Reports: ISA’s Clinton: Failure to implement executive order spurs regulatory push (12.2.2015)
Incomplete efforts to implement President Obama’s “visionary” 2013 executive order on cybersecurity have created a policy vacuum that some federal and state officials are moving to fill with regulations, according to Internet Security Alliance president Larry Clinton. Representatives from 27 industry groups attended a meeting on Monday with officials from the National Institute of Standards and Technology and the White House to discuss next steps on NIST’s voluntary framework of cybersecurity standards, which was a centerpiece of Executive Order 13636.NIST in the coming days is expected to release a Request for Information on the framework. A new “Multi-Association Cybersecurity Framework Development Initiative” has formed to help guide industry’s response and efforts on the framework….SOURCE Reports: Cyber security bill passes Senate muster (11.18.2015)
Passage of long-awaited cyber security legislation will be a limited but still-useful tool that encourages businesses and the government to share data by providing liability protection. However, experts are divided on the legislation’s ultimate effect on rates for cyber insurance. In a 74-21 vote in late October, the U.S. Senate approved The Cybersecurity Information Sharing…SOURCE

Inside Cybersecurity Reports: DHS insurance report could inform development of cyber info-sharing standards (10.8.2015)
A federal report that proposes hacked companies share specific kinds of cyber incident data in a private-sector repository to help expand the nascent insurance market is drawing early praise from industry stakeholders tracking the development of cybersecurity information-sharing standards. The assessment – produced by a Department of Homeland Security advisory panel and issued in September – aims to advance an insurance industry proposal to build a repository of anonymized cyber incident data … SOURCE

SC Magazine Reports: Appetites for more: Government actions (10.1.2015)
Cybersecurity is a technical challenge. But it also usually has a legal and regulatory aspect as well. Obviously, there is the legal framework under which organizations operate and under which cybercrimes are defined and, sometimes, prosecuted. Then, of course there are the complex interactions between government security initiatives and those of the private sector. In February, an announcement by the White House of President Obama’s Executive Order (EO), contributed to the second category – opening the door to threat intelligence sharing between private and public entities….SOURCE

SC Magazine Reports: Appliance takeover?: Internet of Things  (10.1.2015)
Had the recently departed filmmaker Wes Craven lived just a few years longer, the Internet of Things (IoT) might have provided him with the perfect fodder for one of his horror classics. After all, it has all the the potential to be the stuff that nightmares – or an episode of Phineas and Ferb – are made of. Imagine smart, interconnected devices – from toasters and refrigerators to cars, planes and baby monitors – rising up during the night and revolting against their owners or society at large…SOURCE

Inside Cybersecurity Reports: DHS selection for info-share standards role praised, questioned (9.4.2015)
The Department of Homeland Security is earning praise for its decision to select a university as the standards-setting body for new cyber information-sharing entities, as some stakeholders say the function can best be delivered in a research and academic setting. But other stakeholders from industry groups and the info-sharing community said they didn’t know enough about the winning bidder – the University of Texas San Antonio….SOURCE

Inside Cybersecurity Reports: DHS nears pivotal decision on standards body for new info-sharing entities (8.10.2015)
President Obama’s push to broaden the sharing of cyber threat data both within the private sector and between government and industry by urging companies and industries to establish new cybersecurity information-sharing hubs will soon reach a pivotal decision point when the Department of Homeland Security awards a key federal grant….SOURCE

Inside Cybersecurity Reports: DHS workshop marks key phase of Obama’s cyber information-sharing push (7.27.2015)
The Department of Homeland Security will convene a workshop in Silicon Valley this week to make headway on implementing President Obama’s executive order on improving the exchange of cyber threat data between government and industry, an effort that faces significant obstacles but has captured the interest of key private-sector stakeholders. The July 30 event at San Jose State University will build on the first such workshop held June 9 in Cambridge, MA. It comes amid growing anticipation that the Senate will soon take up cybersecurity information-sharing legislation… SOURCE

The Internet Security Alliance (ISA) is proud to announce that it’s President and CEO, Larry Clinton, has been named to the “Corporate 100” which identifies the nation’s 100 most influential people in the field of corporate governance. Joining Clinton on the list are a wide range of luminaries including the 5 current members of the Securities and Exchange Commission, the 5 Directors of the Delaware Board of Chancery, the CEOs of the major audit firms, the President of the NY Stock Exchange the CEO of NASDAQ and other CEOs and industry leaders. The Internet Security Alliance is by far the smallest entity recognized on the list and Clinton is the only representative with a distinctly cyber security background….SOURCE

Today.US Reports: Evolving Threat Landscape Demands Executives Understand Cyber Risk  (7.3.2015)  
In the wake of a number of recent high-profile, damaging cyberattacks—including the recent breach of the Office of Personnel Management, which compromised the sensitive information of millions of federal employees—executives and board members are gradually becoming aware of today’s cyber threats and the potentially devastating impact these can have on their organizations. However, most executives are limited in their knowledge of security….SOURCE

MiBiz Reports: Concerns over cyber security reach corporate boardrooms of Michigan manufacturers (6.21.2015)
Manufacturing executives in West Michigan and nationwide worry that their computer networks could fall victim to security breaches similar to those that have plagued the retail sector in recent months. As industry extends its global reach and has come to rely more on digital data, cyber criminals have likewise become more innovative, adopting techniques previously reserved for cyber warfare between nation states….SOURCE