Today I am pleased to announce our selection of the University of Texas at San Antonio as theInformation Sharing and Analysis Organizations (ISAO) Standards Organization. The selection followed a competitive process to designate an organization to create standards to assist in the widespread establishment of ISAOs. ISAOs will serve as focal points for cybersecurity information sharing and collaboration within the private sector and between the private sector and government.
The University of Texas at San Antonio will work with existing information sharing organizations, owners and operators of critical infrastructure, federal agencies, and other public and private sector stakeholders to identify a common set of voluntary standards or guidelines for the creation and functioning of ISAOs, as provided by Executive Order 13691 – Promoting Private Sector Cybersecurity Information Sharing. In encouraging the rapid creation of ISAOs, the Executive Order expands information sharing by encouraging the formation of communities that share information not just within a sector but across a region or in response to a specific emerging cyber threat.
ISAOs will contribute greatly to our national efforts to expand the breadth and speed of cybersecurity information sharing, which in turn is key to our shared effort to reduce the prevalence and impact of cybersecurity incidents. The ISAO standards developed by the University of Texas at San Antonio will reflect the most effective and innovative ideas from the public and private sectors. Through a public, open-ended engagement with business communities, civil society groups, and other stakeholders, the University of Texas at San Antonio will develop transparent best practices that align with the needs of all industry groups.
I highly encourage all organizations to support, partner with, and participate in the standards development effort. This support will ensure that the ISAO standards most effectively promote secure, rapid, and widespread information sharing that helps organizations detect and block increasingly sophisticated cybersecurity threats.