The head of the nearly year-old ISAO Standards Organization, Greg White, describes how fledgling Information Sharing and Analysis Organizations can help create an information sharing ecosystem aimed at making IT more secure at enterprises of all sizes.
President Obama, in an early 2015 executive order, proposed the creation of ISAOs by encouraging the formation of communities to share cyber threat information across a region or in response to a specific cyber threat. An ISAO could be a not-for-profit community, a membership organization or a single company facilitating sharing among its customers or partners (see Private Sector to Develop ISAO Standards).
ISAOs (pronounced eye-sows - as in cows) should focus on sharing information beyond a specific incident response, White says in an interview with Information Security Media Group.
Sharing Solutions
"That's limiting; that really limits the type of information sharing that can go on," says Greg White, executive director of the ISAO Standards Organization, which is developing guidance for fledgling ISAOs. "There's a lot of information sharing that can occur before incidents that will help individuals with their security posture. Different entities, those who may have more robust security programs could help those who have less robust security programs by telling them, 'Okay, here's what we've done; here's what we've seen; here's how we handled this; here's how we've conducted these kind of operations.' There's a lot of learning that can go on."
In the interview, White:
Explains the difference between ISAOs and ISACs, Information Sharing and Analysis Centers, serving most critical infrastructure sectors;
Discusses how the smaller ISAOs can help build trust among members, a key element in sharing cyberthreat information; and
Reviews some of the early activities of the ISAO Standards Organization.
Mariachi and ISAOs
White, in the interview, also employs the hypothetical Mariachi band sector to demonstrate how ISAOs work.
A computer science professor focused on information security at the University of Texas at San Antonio, White also serves as the executive director of the Center for Infrastructure Assurance and Security at the university.
White, who holds a Ph.D. in computer science from Texas A&M University, has spent 30 years in the Air Force and Air Force Reserves, and helped build the nation's first undergraduate information warfare laboratory at the U.S. Air Force Academy.