In the column Best practices: Getting the most out of industry association memberships, author Al Berg offers six key practices for achieving ROI from information security
Information Sharing and Analysis Centers
The idea behind an ISAC is to provide members with information on risks, vulnerabilities and threats specific to their businesses. Typically, the ISAC serves as a clearinghouse, publishing bulletins based on analysis of information from the press, government, and most importantly, reports of incidents from its members. The ISAC Council (www.isaccouncil.org) is a group of ISACs related to critical infrastructures such as Finance, Telecom, Information Technology, Energy, Transport and Water supply.
Information Security Forum
This organization is headquartered in London and is focused on large organizations. The ISF publishes a large number of reports and guides on topics ranging from security policies to risk assessment to configuration of systems such as Windows and Unix. To get a flavor of their publications, you can download their "Standard of Good Practice" document for free from www.isfsecuritystandard.com. The ISF sponsors an annual Congress of its members. Information on the ISF is available at www.securityforum.org.
The Center for Internet Security
The Center for Internet Security (www.cisecurity.org) is focused on the production of benchmarks and measurement tools to allow organizations to better secure their systems. Available for download from the CIS Web site, these guides provide step by step instructions on security settings for Windows, Unix, Oracle, routers and more. Membership allows an organization to use these tools and benchmarks in commercial activity.
The Internet Security Alliance
The Internet Security Alliance (www.isalliance.org) is a collaborative effort between the CERT Coordination Center at Carnegie Mellon University and the Electronic Industries Alliance (EIA). Members of the ISA receive early access to CERT warnings as well as publications providing analysis of current threats, vulnerabilities and best practices, and the opportunity to participate in subcommittees dealing with topics such as government relations and security standards.
Forum of Incident Response and Security Teams
FIRST, the Forum of Incident Response and Security Teams (www.first.org), focuses on bringing together information security incident response teams to share best practices, experiences and information. FIRST sponsors meetings and conferences, technical colloquia, mailing lists and Web repositories where teams can share information as well as other resources. FIRST membership requires nomination by an existing member as well as a site visit. The FIRST Web site is unique in that it very clearly spells out what is expected of member organizations and individuals.
This was first published in July 2004