The Internet Security Alliance (ISA) and The European Confederation of Directors’ Associations (ecoDa) announced a partnership to develop a handbook on cyber-risk management for European corporate boards of directors.
“No company is immune to the threat of cyber attack. Therefore, we at ecoDa together with ISA are developing a European culture of cybersecurity and invite board members to define appropriate crisis management procedures. European Boards have to be familiar with the concept of integrated defense. They should avoid responding to cyber attacks in a piecemeal way,” said Béatrice Richez-Baum, Director General at ecoDa.
The new handbook, which will be co-branded by ISA, AIG and ecoDa, will be based on the Cyber Risk Handbooks ISA has previously developed for the U.S. National Association of Corporate Directors and on the adapted versions created for the United Kingdom, Germany and Latin America. ISA, AIG and ecoDa have already begun work on the pan-European version of the Cyber Risk Handbook, to be published later in 2019.
“The ISA is enthused to work with ecoDa to help expand sophisticated cyber risk governance,” said Larry Clinton, ISA’s President. “Through the multiple workshops and webinars we have done with corporate directors globally, we have found that there are several core principles of cyber risk governance that seem to translate quite well across national boundaries. However, there are a number of adaptations that need to be done to address the unique cultural, legal, and business differences in various environments. Working with the ecoDa community, we will identify these differences and weave them into an emerging global framework of cyber risk governance that can be practiced at the highest levels of industry,” said Clinton.
The U.S. handbooks have been endorsed by the U.S. Department of Homeland Security and Department of Justice, and the German edition was a co-production with the German government’s Federal Office for Information Security, known as BSI. PricewaterhouseCoopers has also evaluated the previous handbooks and determined that their use improved cybersecurity budgeting, risk management and alignment of business goals with cybersecurity, and helped create a culture of security within the enterprises that use them.
ecoDa is the leading authority on board governance in Europe – representing 55,000 European board directors through its member organizations. ecoDa’s member organizations represent board directors – including large listed companies as well as small firms – from across Europe. ecoDa’s mission is to promote the role of directors and governance, to influence European decision-making and to provide services to its member organizations. ecoDa also works to facilitate the creation and development of national director institutes.
ISA is a multi-sector trade association with the mission of integrating advanced technology with economics and public policy to help create a sustainable system of cybersecurity. ISA works with private sector partners like NACD, ecoDa and the Center for Audit Quality, as well as governments internationally, on thought leadership, developing effective public policy and promoting the use of effective cybersecurity standards and practices.