DHS taps UT-San Antonio to craft ISAO standards

The University of Texas at San Antonio will head up a federal effort to bring private organizations and federal agencies together to battle cyber intrusions, a top Department of Homeland cybersecurity official said.

In a Sept. 3 blog post, Andy Ozment, assistant secretary, cybersecurity and communications in DHS' National Protections and Programs Directorate said the agency selected the university to create standards that will help establish Information Sharing and Analysis Organizations (ISAOs) across the private sector.

President Obama's Executive Order 13691 – Promoting Private Sector Cybersecurity Information Sharing laid out a framework in February to help companies work together, and with the federal government, to quickly identify and protect against cyber threats. Included in the order was a mandate to fund the creation of a non-profit organization to develop a common set of voluntary standards for ISAOs.

The voluntary ISAOs expand information sharing by encouraging the formation of communities that share information not just within a sector, but across a region or in response to a specific emerging cyber threat, Ozment said.

The University of Texas at San Antonio, he said, was selected after a competitive process, and will work with existing information sharing organizations, owners and operators of critical infrastructure, federal agencies, and other public and private sector stakeholders to identify a common set of voluntary standards or guidelines for the creation and functioning of ISAOs.

According to Ozment, the university will develop its standards through open-ended engagement business communities, civil society groups, and other stakeholders, looking to produce transparent best practices that align with the needs of all industry groups.