operations officer internet security alliance lclinton ... · 703-907-7028 202-236-0001 . the...

Larry Clinton Operations Officer Internet Security Alliance [email protected] 703-907-7028 202-236-0001


Page 1: Operations Officer Internet Security Alliance lclinton ... · 703-907-7028 202-236-0001 . The Internet Security Alliance The Internet Security Alliance is a collaborative effort between

Larry Clinton Operations Officer

Internet Security Alliance [email protected]

703-907-7028 202-236-0001


The Internet Security Alliance

The Internet Security Alliance is a collaborative effort between Carnegie Mellon University’s Software Engineering Institute (SEI) and its CERT Coordination Center (CERT/CC) and the Electronic Industries Alliance (EIA), a federation of trade associations with over 2,500 members.


ISAlliance Mission

•  OPERATE A PUBLIC-PRIVATE PARTNERSHIP LEADING TO WORLD WIDE CYBER SECURITY THROUGH:

•  Thought leadership

•  Information Sharing

•  Cooperative projects

•  Market incentives


ISAlliance Distinctions

•  International in membership and leadership

•  Inter-sectoral---like the Internet

•  Organized on business, not nation state, lines

•  ISAlliance IS a Public Private Partnership


Sponsors of ISAlliance


ISAlliance Leadership

•  Chairman of the Board, Dr. Bill Hancock, Cable and Wireless

•  Executive Director, Mr. Dave McCurdy

•  Director of CERT/cc, Rich Pethia


ISAlliance Services

•  Access to CERT/cc knowledgebase including over 100 Special and Executive Communications each year

•  Regular conference calls with CERT/cc experts and other ISAlliance members to discuss trends in threat and vulnerabilities

•  Access to development of ISA/CERT products e.g. “Threat Metric” and Wireless vulnerability library


ISAlliance Services

•  Emergency calls with CERT and Sponsors if high degree of serious threats

•  Best Practices and Standards development

•  Risk Management Committee

•  Government Affairs/Policy Committee

•  Public Relations Committee

•  Membership Development and Ethics Committee


ISAlliance Services

•  Discounts of up to 15% off cyber insurance (for adopting ISA Best practices)

•  Discounts of up to 20% off CERT/cc Training, Education and conferences

•  International programs with business development potential

•  Featured spots on forums and conferences

•  Sponsorship opportunities

•  Regular updates


ISA Services in Development

•  Return on Investment research and publicity

•  Greater coordination with international CERTs and other organizations

•  Making information more analytical, in addition to factual

•  Quarterly cyber security research summaries

•  Expanded Executive Education

•  Expanded definition of Internet threats


Adopt and Implement ISAlliance Best Practices

•  Cited in US National Draft Strategy to Protect Cyber Space (September 2002)

•  Endorsed by TechNet for CEO Security Initiative (April 2003)

•  Endorsed US India Business Council (April 2003)


ISAlliance/CERT/cc Special Communications


Benefits of Information Sharing Organizations

•  May lessen the likelihood of attack

“Organizations that share information about computer break ins are less attractive targets for malicious attackers.” – NYT 2003

•  Participants in information sharing have the ability to better prepare for attacks (Harvard study 2003)


Examples of Successful ISAlliance Information Sharing I

•  SNMP vulnerability

–  October 2001 CERT notified ISAlliance members of SNMP vulnerability. CERT provides protection advice to membership while waiting for patch development.

–  CERT provides ISAlliance members with updates in November, January 4, January 16, Feb. 7. ISAlliance conference calls discuss remediation, press relations and use of vendor patches.

–  SNMP publicly disclosed Feb. 12, 2002.

–  No ISAlliance members are affected by SNMP


Examples of Successful Information Sharing II

•  SLAMMER WORM 2002-2003

•  May 2002, CERT notifies ISAlliance members of slammer vulnerability. Provides advice for protection while awaiting patch

•  July 2002 Microsoft provides patch

•  January 2003 Slammer Worm attacks, fastest infection rate to date.


Examples of Successful Information Sharing III

•  July 2003 CISCO IOS Interface

•  July 16, acting on information from Cisco, CERT informs ISAlliance members of vulnerability, advises applying Cisco patch and steps that can be taken until the patch is applied.

•  July 17 ISAlliance Exec Communication & conference call

•  July 18 ISAlliance Exec Communication & call


Why ISAlliance Info Sharing Succeeds

•  CERT/cc leadership and credibility

•  History (2 years) and regularity build trust

•  Inter-sectoral/International membership not inhibited by competitive concerns

•  Success breeds success


ISAlliance Cyber-Insurance Program

•  Coverage for members

•  Market incentive for increased security practices

•  10% discount off best prices from AIG

•  Additional 5% discount for implementing ISAlliance Best Practices (July 2002)

•  Discounts more than offset sponsorship dues


US Policy Initiatives

•  New Dept. Homeland Security (DHS)

•  Creation of separate Cyber Security Division in DHS

•  Congressional Committee on Homeland Security

•  Creation of Congressional Cyber Security Committee

•  Bilateral/Multi lateral outreach


ISAlliance Board Meeting

•  Meetings with White House

•  Meetings with DHS

•  Meetings with Congressional leadership in Cyber Security

---Chairman Thornberry

---Chairman Putnam

---Chairman Boehlert

---Vice Chairmen and “Ranking Members”


Emerging Policy Issues

•  R&D funding

•  Information Sharing legislation

•  International Coordination

•  Regulation Proposals

•  ---Govt. Security Standards

•  ---Private Sector Audits and SEC reporting on Cyber security

•  ---Expand Govt. standards to Private Sector


International Outreach---India

•  Confederation of Indian Industries/US-India Business Council/ISAlliance

•  6 Teleconferences discussing cyber security issues and needs (summer 2003)

•  US tour for Indian companies seeking partnerships in America (fall 2003)

•  ISAlliance trip to India including ISA/CERT Training (winter 2003/4) implementing a “gold standard” of cyber security


International Cooperation/OAS Region

•  OAS invites ISAlliance and CERT to join first regional conference. (July 28-29, 2003)

•  OAS asks ISA to build on India model

•  Invitations to visit Caribbean, Canada and E. Europe


International Cooperation---Japan

•  2002 ISAlliance publishes best Practices in Japanese. Creates Japanese Micro site on web (first foreign language

•  2002 Dave McCurdy visits Japan, meets with Japanese Ministry of JEDA and CIAJ

•  2003 ISAlliance joined by three Japanese based companies, Sony, NEC, Mitsubishi

•  Partnership?


Larry Clinton Operations Officer

Internet Security Alliance [email protected]

703-907-7028 202-236-0001