President Obama issued an executive order in February 2015 to develop standards for the creation of and collaboration with ISAOs. In October 2015, the U.S. Department of Homeland Security selected a team led by The University of Texas at San Antonio as its Information Sharing and Analysis Organizations (ISAO) Standards Organization to be responsible for developing cybersecurity information sharing standards and collaboration between the private sector and government. The other initial members of the team were the Logistics Management Institute (LMI) and the Retail Cyber Intelligence Sharing Center (R-CISC).
The ISAO Standard Organization’s efforts, led by Dr. Greg White, director of the UTSA Center for Infrastructure Assurance and Security and a professor of computer science, were provided a $2 million annual grant to work with the private sector and federal agencies to develop those guidelines for sharing and collaboration.
Read the full news announcement here.
Since its creation, the ISAO Standards Organization has published regular reports to recap progress and growth of the information sharing ecosystem. These reports cover a variety of information about the efforts of the executive team, working groups and community at large.
Working groups
After the ISAO Standards Organization was established, working groups were developed to identify guidelines for the creation and functioning of ISAOs that were project focused. Each project was led by a volunteer with support from the members.
Supporting members actively participated with their time and talent to develop documents that are still accessible today. The working groups did not have a limit to the number of volunteers that could contribute to the development of documents.
Public comments help guide the working groups as they develop proposed ISAO standards and guidelines. Public input was collected at two distinct phases of the standards development process. First, valuable input was gathered on requirements before draft versions of ISAO standards and guidelines were developed. Second, public input was considered while those standards were being developed. Working groups took this feedback into account before finalizing a document.
Recent working group topics include:
- International
- Objective: Provide ISAOs with the knowledge required to make informed decisions regarding the sharing of cybersecurity information across national borders and the addition of international members. Discuss and address the advantages, obstacles, and global restrictions that may impact how ISAOs operate.
- Government Relations
- Objective: Identify and address issues associated with ISAO interactions with the intelligence community, law enforcement, U.S. regulators, and Homeland Security.
Our Activities
To engage the information sharing community, the ISAO Standards Organization has hosted various opportunities to directly engage the members to support their development and provide insights into emerging trends.
Immediately after its creation, the ISAO Standards Organization hosted public forums – both online and in-person – to update the public on the progress of document development from each Working Group Chair or Co-Chair. Complementing these forums were roundtables for new and emerging ISAOs. Roundtables provided an opportunity to share knowledge with subject matter experts and ask questions regarding Information Sharing and Analysis Organizations.
Annual International Sharing Conferences have also been a highlight throughout the years. These two-day events, held at different locations throughout the U.S., included participation from the Department of Homeland Security, the U.S. Chamber of Commerce, senior government and international thought leaders, technology demonstrations and keynote addresses from various industries.
More recently, the ISAO Standards Organization pivoted to virtual webinars and ecosystem spotlights to focus on various topics of interest and engage the public directly on documents that were open for feedback.
Our Partners
In an effort to grow the ISAO community, the ISAO SO has developed key strategic partnerships to fulfill the mission of improving the nation’s cybersecurity posture.
InfraGard
InfraGard is a partnership between the FBI and the private sector. It is an association of people who represent businesses, academic institutions, state and local law enforcement agencies, and other participants dedicated to sharing information and intelligence to prevent hostile acts against the United States.
Each InfraGard Members Alliance (IMA) is geographically linked with an FBI field office, providing all stakeholders immediate access to experts from law enforcement, industry, academic institutions, and other federal, state, and local government agencies. By leveraging the talents and expertise of the InfraGard network, information is shared to mitigate threats to critical infrastructure and key resources. Collaboration and communication are the keys to protection. Providing timely and accurate information to those responsible for safeguarding our critical infrastructures, even at a local level, is paramount in the fight to protect the United States and its resources.