This post first appeared at [email protected]
The Information Sharing and Analysis Organization Standards Organization (ISAO SO) held its Third Public Forum on May 18–19 in Anaheim, California. More than 100 participants from academia, government, and industry sectors, including multiple participants from Intel, assembled to discuss the initial drafts recently published by the IASO SO and its working groups. Until now, the organization has had challenges mainly due to the ISAO SO development effort having to start from a totally blank slate. Over the past six months, the effort established working groups, recruited members, set up a collaboration infrastructure, and actively began developing guidelines for information sharing and analysis organizations.
As with any consensus development effort, quite often it takes time for those involved to develop consensus around direction, scope, and depth of content. It is even harder when the organization assisting the individual working groups is itself brand new. As you might expect, initial struggles were encountered getting the needed infrastructure in place to facilitate collaboration. There were questions as to what each of the working groups was going to be responsible for delivering and where the swim lanes were. Even the shape of the final deliverables was a hot discussion item. I am happy to report those issues are now largely behind us.
On May 18, the ISAO SO and all working group leaders met for the first time in person. It was obvious there were still issues to be addressed, but it was nice to see those issues were focused around the topics that involve overlapping and integrated efforts requiring the work of multiple working groups coming together. One of the positive outcomes of the meeting was a plan to structure the ISAO guidelines documentation to make it much more useful to a global audience.
In addition to the leadership meeting, the individual working groups met to discuss their current draft guidance. The meetings of the Information Sharing Working Group (SWG3) I chair were well attended and extremely productive. We discussed where we were, what we have produced to date, and the plan going forward. After struggling through foundational conversations—trying to define where we want to now focus our efforts given the initial guidance we produced—it was obvious there was a real positive attitude within the working group. From talking with other working group chairs, that spirit seemed to be prevalent throughout.
On May 19, a public meeting was held with discussions on the ISAO Vision, delivered by Dr. Greg White, the Executive Director of the ISAO SO; a CISA Guidance Update presented by Matthew Shabat of the US Department of Homeland Security; and “Interoperability, Automation & Sharing @ Net Speed” given by Dr. Peter Fonash, Chief Technology Officer, Cybersecurity and Communications, also with Homeland Security. Following those, each of the working groups briefly discussed their current work and opened the floor to attendee comments. The conversations were lively and challenging at times and all were very productive. I encourage you to continue the dialogue by commenting on the initial draft guidance.
While there is still a great deal to do and accomplish, it is rewarding to see the ISAO SO effort making substantial progress. As we left Anaheim it was obvious there was real enthusiasm, optimism, and a focused resolve toward advancing the cyber threat information sharing needed to improve our organizational, national, and global security postures.
The post ISAO Group Hosts Productive 3rd Public Meeting appeared first on McAfee.