DOCUMENT #:
GSC14-GTSC7-004
FOR:
For Information
SOURCE:
ANSI
AGENDA ITEM:
Agenda Item 6, Information Sharing Subjects, Cybersecurity
CONTACT(S):
Joe Bhatia, ANSI rep to GSC-14
Submitted as an Information Sharing Subject
(ISS) for
the High Interest Subject of “Cybersecurity”
GTSC Agenda Item 4.2
1
ANSI Activities Related to
Cybersecurity
Information Sharing Subject
From ANSI
Submitted for Joe Bhatia
ANSI representative to GSC-14
2
ANSI Interests in Cybersecurity

Much is covered in ANSI Homeland Security Standards
Panel (ANSI HSSP)


ANSI agreements with Internet Security Alliance (ISA)


www.isalliance.org/
ANSI has Publications in this area


www.ansi.org/hssp
webstore.ansi.org/cybersecurity.aspx
ANSI is Secretariat to ISO/IEC JTC1 which has many
groups involved in Cybersecurity standardization


www.jtc1.org
Especially see SC27
GSC-14
July 2009
Slide 3
ANSI Interests in Cybersecurity

ANSI provided a Chairman for the ISO Strategic Advisory Group on
Security (SAG-S) which had liaison with ITU and other members of
WSC


Currently a hot topic in USA, from Industry, Regulatory, and
Legislative perspectives





www.iso.org/iso/iss_iso-iec-itu-t_sag-on-security.htm
www.whitehouse.gov/the_press_office/Cybersecurity-event-fact-sheet-andexpected-attendees/
www.whitehouse.gov/the_press_office/Remarks-by-the-President-on-SecuringOur-Nations-Cyber-Infrastructure/
www.whitehouse.gov/cyberreview/
www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf
Cybersecurity ties into ANSI IDSP and ANSI HITSP from ID Theft and
Privacy Perspectives, and other initiatives in the USA such as “Smart
Grid,” and Process Control or SCADA Systems.
GSC-14
July 2009
Slide 4
ANSI & ISA
The Financial Impact of Cyber Risk – 50 Questions
Every CFO Should Ask



Joint initiative of the Internet Security Alliance (ISA)
and ANSI, to identify and respond to the current needs
of the C-suite community regarding cyber risks.
Phase I focused on providing questions
organizations/CFOs should be asking and guidance on
the identification and quantification of the financial risk
associated with cyber security.
Phase II will focus on filling out the framework to make
better informed decisions related to cyber risk from an
economic standpoint.
GSC-14
July 2009
Slide 5
Past and Future Activities



In accordance with implementing the recommendations
form the 9/11 Commission Act of 2007 ANSI and ISA
launched a joint workshop initiative on cybersecurity.
Phase I meetings held in March, May and July of 2008
Phase II Workshop:




Friday July 31, 2009; 9:00 a.m. – 4:15 p.m.
Zurich North America, 1 Liberty Plaza, New York, NY
10006
Open to all stakeholders that represent SDOs, consortia
and other forums, industry, government and consumers.
Space is limited so registration is required.
GSC-14
July 2009
Slide 6
Further Information
Further information on ANSI’s cybersecurity
efforts are available at:
www.ansi.org/hssp
GSC-14
July 2009
Slide 7