2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal

7/31/2019 2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal

1/20

Sponsors


2/20

Nippon Keidanren

Proposal March 15, 2005 INFO SECURITY AS A BUSINESS CHALLENGE(page 4)

Information security has become a matter of

compliance and in contracts between companies

there are increasing number of cases in which the

certification of a third party institution is soughtwith regard to information security


3/20

ISAlliance Related

Actions MODEL CONTRACTS

ISAlliance Board approved a model contractsproject in December 04

ISAlliance, in conjunction with the American BarAssociation will develop a series of model contractsprovisions by 3rd quarter 2005


4/20

Nippon Keidanren

Proposal March 15, 2005 INFORMATION SECURITY AS A BUSINESSCHALLENGE (page 4)

Furthermore, internationally as well there appears tobe a situation in which companies which are not

making efforts in the area of information securityare excluded from partnerships


5/20

ISALLIANCE RELATED

ACTIVITY ISA companies are beginning to encourage ISAmembership of their partners to provide an

incentive for continued business relationships

E.g.. Nortel


6/20

Nippon Keidanren

Proposal March 15, 2005 FOSTERING A CULTURE OF SECURITY(page 5)

In modern network societies various entities areconnected through networks and it is not sufficient

to think about information security measures of asingle company.


7/20

ISAlliance Related

Activity ISAlliance is not a security consultantit is asecurity trade association

International Cross-sectoral Programs for collective security (best practices/

market incentives/certifications/

wholesale memberships for small business)


8/20

Nippon Keidanren

Proposal March 15, 2005 AWARENESS OF INFO SECURITY REQUIREINGMATURITY (page 5)

In order to avoid accidents(preventative)

measures alone are not sufficient. Taking rational

measures means implementingin accordance with

the level of importance of the information that acompany should protect and risk.


9/20

ISAlliance Related

Activity ISAlliance Risk Management Project

In December 2004 ISAlliance, in conjunction withCarnigie Mellon University CyLab started a RiskManagement Working Group

Will create best practices and data base toimprove ROI by end of 2005


10/20

Nippon Keidanren

Proposal March 15, 2005 ISSUES FOR COMPANIES REGARDING

INFORMATION SECURITY MEASURES (1)

UNDERSTANDING AND LEADERSHIP FROM TOP

MANAGEMENT (page 6)

There is still not a scheme in the market mechanism

for companies to be praised. Even if information

security measures are implemented seriously theywill not be highly valued.


11/20

ISAlliance Related

Activities Best Practices for Senior Manager Guide Lead Corporate Information Security Working

Group (US Congress) on Incentives

Insurance Incentive Program to lower business costsfor adherence to best practices

Risk Management/ROI Project Awards program


12/20

Nippon Keidanren

Proposal March 15, 2005 ISSUES REQUIRING EFFORTS BY BOTH

COMPANIES AND GOVERNMENTS (page 11)

(i) (T)he public and private sectors can createquantitative indicators regarding information

security risks and share standards that will enableimplementation of rational measures in accordance

with risks.


13/20

ISALLIANCE RELATED

ACTIVITY ISAlliance/CyLab network certification program

Will be discussed in Pittsburgh Wednesday


14/20

Nippon Keidanren

Proposal March 15, 2005 (ii) The Public and Private Sectors could jointly hold

an information security summit (page 11)


15/20

ISAlliance Related

Activities 2003 US national Cyber Summit ISAlliance asked to produce best Practices for

Small Businesses

ISAlliance Creates Wholesale membershipProgram for small businesses (including

international)

ISAlliance Chairs National Cyber SecurityPartnership Meeting with DHS for 2005


16/20

Nippon Keidanren

Proposal March 15, 2005 (iii) The public and private sectors should actively

participate in international arenas in which

information security is discussed from a range of

perspectives. (page 12)


17/20

ISAlliance Related

Activities ISAlliance Membership of 4 Continents

20% ISAlliance Board is non-US based

McCurdy 7 Clinton visit Japan, India, LatinAmerica, Australia in 2004/2005

ISA Hosts World Electronics Forum 2004


18/20

Nippon Keidanren

Proposal March 15, 2005 (v) Industry, academia and government should

collaborate in providing and fostering human

resources of information security. (page 12)


19/20

ISAlliance Related

Activity ISAlliance is a Collaboration between Electronics

Industry Alliance and CyLab at Carnigie Mellon

ISAlliance Provides Corporate Members (includinginternational) Access to information on secure US-CERT/ISA Portal

DHS has endorsed ISA best Practices


20/20

CONTACT

INFORMATIONLarry Clinton

Chief Operating Officer

Internet Security Alliance

(703) 907-7028

[email protected]

Documents

2005 04 08 Larry Clinton Presentation Concerning Japanese Nippon Keidanren Proposal