Enterprise Participation Update

By: 

Enterprise Participation is off to a great start. Launched back in late March, our new guidelines allow for two new communities of REN-ISAC Member Representatives -- General and Officer -- in addition to our traditional Security Operations (Ops) community.

The General community is aimed at practitioners whose operational security responsibilities are focused on particular systems or departments, or, whose responsibilities are not strictly "security operational", such as risk, compliance, and identity and access management. So far, we have 34 new member reps in this category. The Officer community is meant for decision makers with a stake in information security (think CIO, CTO, AVP). This community was pre-populated with existing Management Representatives, so the actual number is a little misleading (it's over 580). However, we have 5 member reps in the Officer community who are not Management Representatives.

REN-ISAC is now working on the next challenges to support our new guidelines. First, we need to provide more support documentation and resources for the members of these new communities. We're also tasked with ensuring that the materials are easy to find. Second, we wish to emphasis to all our members the importance of our Information Sharing Policy. Trust among our members is linked to this policy. Knowing that information shared within REN-ISAC stays within REN-ISAC is vitally important. In support of these two challenges, watch for changes to our public website (where a lot of members begin searches for information) and on the Member Wiki.

In the paragraph above, it would be a disservice to gloss over the phrase "provide resources for the members of these new communities". That's a tough challenge if we hope, for example, to have an Officer community as engaged and interactive as our Ops community. We know that's a high standard, but we want those in the General and Officer communities to feel connected and to learn from one another in a secure and private setting. That is something we need your help with.

As we begin to turn on new mailing lists and self-service options, we hope to see the seasoned veterans among you join in the new conversations that will occur. Whether it's advice on cyber insurance, risk management, or compliance with some new standard or regulation, we know there are literally hundreds of member reps with something to contribute on any given topic. And REN-ISAC, and the framework of trust you've helped to shape and create, will be there to help nurture all that sharing....