Upload
isalliance
View
217
Download
0
Embed Size (px)
Citation preview
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
1/20
Sponsors
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
2/20
Nippon Keidanren
Proposal March 15, 2005 INFO SECURITY AS A BUSINESS CHALLENGE(page 4)
Information security has become a matter of
compliance and in contracts between companies
there are increasing number of cases in which the
certification of a third party institution is soughtwith regard to information security
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
3/20
ISAlliance Related
Actions MODEL CONTRACTS
ISAlliance Board approved a model contractsproject in December 04
ISAlliance, in conjunction with the American BarAssociation will develop a series of model contractsprovisions by 3rd quarter 2005
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
4/20
Nippon Keidanren
Proposal March 15, 2005 INFORMATION SECURITY AS A BUSINESSCHALLENGE (page 4)
Furthermore, internationally as well there appears tobe a situation in which companies which are not
making efforts in the area of information securityare excluded from partnerships
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
5/20
ISALLIANCE RELATED
ACTIVITY ISA companies are beginning to encourage ISAmembership of their partners to provide an
incentive for continued business relationships
E.g.. Nortel
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
6/20
Nippon Keidanren
Proposal March 15, 2005 FOSTERING A CULTURE OF SECURITY(page 5)
In modern network societies various entities areconnected through networks and it is not sufficient
to think about information security measures of asingle company.
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
7/20
ISAlliance Related
Activity ISAlliance is not a security consultantit is asecurity trade association
International Cross-sectoral Programs for collective security (best practices/
market incentives/certifications/
wholesale memberships for small business)
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
8/20
Nippon Keidanren
Proposal March 15, 2005 AWARENESS OF INFO SECURITY REQUIREINGMATURITY (page 5)
In order to avoid accidents(preventative)
measures alone are not sufficient. Taking rational
measures means implementingin accordance with
the level of importance of the information that acompany should protect and risk.
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
9/20
ISAlliance Related
Activity ISAlliance Risk Management Project
In December 2004 ISAlliance, in conjunction withCarnigie Mellon University CyLab started a RiskManagement Working Group
Will create best practices and data base toimprove ROI by end of 2005
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
10/20
Nippon Keidanren
Proposal March 15, 2005 ISSUES FOR COMPANIES REGARDING
INFORMATION SECURITY MEASURES (1)
UNDERSTANDING AND LEADERSHIP FROM TOP
MANAGEMENT (page 6)
There is still not a scheme in the market mechanism
for companies to be praised. Even if information
security measures are implemented seriously theywill not be highly valued.
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
11/20
ISAlliance Related
Activities Best Practices for Senior Manager Guide Lead Corporate Information Security Working
Group (US Congress) on Incentives
Insurance Incentive Program to lower business costsfor adherence to best practices
Risk Management/ROI Project Awards program
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
12/20
Nippon Keidanren
Proposal March 15, 2005 ISSUES REQUIRING EFFORTS BY BOTH
COMPANIES AND GOVERNMENTS (page 11)
(i) (T)he public and private sectors can createquantitative indicators regarding information
security risks and share standards that will enableimplementation of rational measures in accordance
with risks.
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
13/20
ISALLIANCE RELATED
ACTIVITY ISAlliance/CyLab network certification program
Will be discussed in Pittsburgh Wednesday
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
14/20
Nippon Keidanren
Proposal March 15, 2005 (ii) The Public and Private Sectors could jointly hold
an information security summit (page 11)
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
15/20
ISAlliance Related
Activities 2003 US national Cyber Summit ISAlliance asked to produce best Practices for
Small Businesses
ISAlliance Creates Wholesale membershipProgram for small businesses (including
international)
ISAlliance Chairs National Cyber SecurityPartnership Meeting with DHS for 2005
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
16/20
Nippon Keidanren
Proposal March 15, 2005 (iii) The public and private sectors should actively
participate in international arenas in which
information security is discussed from a range of
perspectives. (page 12)
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
17/20
ISAlliance Related
Activities ISAlliance Membership of 4 Continents
20% ISAlliance Board is non-US based
McCurdy 7 Clinton visit Japan, India, LatinAmerica, Australia in 2004/2005
ISA Hosts World Electronics Forum 2004
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
18/20
Nippon Keidanren
Proposal March 15, 2005 (v) Industry, academia and government should
collaborate in providing and fostering human
resources of information security. (page 12)
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
19/20
ISAlliance Related
Activity ISAlliance is a Collaboration between Electronics
Industry Alliance and CyLab at Carnigie Mellon
ISAlliance Provides Corporate Members (includinginternational) Access to information on secure US-CERT/ISA Portal
DHS has endorsed ISA best Practices
7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal
20/20
CONTACT
INFORMATIONLarry Clinton
Chief Operating Officer
Internet Security Alliance
(703) 907-7028