Alexandria, VA, USA (3 March 2016) – ASIS International (ASIS), (ISC)² and ISACA, the preeminent professional associations for physical, cyber and information security, have signed an MOU to develop a Security Awareness American National Standard. This guidance standard will address the intersections of physical, cyber and information security management to help organizations of all sizes maximize protection of people, property, and assets.
In an increasingly complex and interconnected world, the public and private sector are faced with growing physical and electronic challenges to protect personal information, business transactions, and critical infrastructure. Given the convergence of risks and fading boundaries between physical, cyber, and information security, it is essential that organizations of all types and sizes have the best tools at their disposal to promote security awareness from a holistic perspective.
“The human element is central to any successful security strategy. By promoting a ‘security awareness culture,’ organizations can proactively prevent problems that detract from achieving their business objectives,” says Dr. Marc H. Siegel, commissioner, ASIS Global Standards Initiative. “The proposed standard will integrate physical, cyber, and information security into day-to-day business and risk management practices. It will emphasize that everyone in the organization is part of the risk equation, and therefore, part of the solution.”
The Standard will focus on cross-disciplinary management measures, as well as awareness and training programs to help organizations and their supply chains prepare for and minimize the likelihood of an undesirable event, as well as respond to and recover from a security incident.
Topics of discussion related to security awareness will include:
- Physical security
- Information security
- Cyber security
- Wireless networks
- Password security
- Intangible asset security (brand, reputation, file sharing, intellectual property, and image)
“Businesses are struggling to cope with all of today’s security threats,” says Dr. Casey Marks, director of Professional Programs Development, (ISC)². “The continued convergence of cyber and physical security causes our adversaries to neither think nor act in siloes when they perform malicious activities. An all-encompassing security standard like this will help to provide businesses with needed guidance. Standards are the pillar upon which the concept of professionalization is built, and we’re pleased to be a part of this effort with two well-respected industry organizations.”
ASIS, (ISC)² and ISACA will form a joint technical committee and working group to develop the standard, soliciting input from security experts around the globe. The committee will operate under ASIS’s ANSI-accredited process to develop an American National Standard that can be applied anywhere in the world.
“Combining the expertise of our members and leaders will help organizations and their supply chains assess their risks and develop enterprise-wide and site-specific plans and procedures to more effectively manage risk and protect their human, tangible and intangible assets,” says Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, international president of ISACA. “Security awareness is a business imperative in today’s interconnected world. By bringing together the top security professional organizations, we can share best practices and ensure a collaborative approach to asset protection.”
Technical committee formation is expected to begin in April. For more information, contact firstname.lastname@example.org.
ABOUT ASIS International
ASIS International (ASIS) is the largest membership organization for security management professionals that crosses industry sectors, embracing every discipline along the security spectrum from operational to cybersecurity. Founded in 1955, ASIS is dedicated to increasing the effectiveness of security professionals at all levels.
Through hundreds of chapters across the globe, ASIS develops and delivers board certifications and industry standards, hosts networking opportunities, publishes the award-winning Security Management magazine, and offers educational programs, including the Annual Seminar and Exhibits—the security industry’s most influential event. Whether providing thought leadership through the CSO Roundtable for the industry’s most senior executives or advocating before business, government, or the media, ASIS is focused on advancing the profession, and ensuring that the security community has access to intelligence, resources, and technology needed within the business enterprise. www.asisonline.org
Formed in 1989, (ISC)²® is the largest not-for-profit membership body of certified cyber, information, software and infrastructure security professionals worldwide, with over 110,000 members in more than 160 countries. Globally recognized as the Gold Standard, (ISC)² issues the Certified Authorization Professional (CAP®), Certified Cyber Forensics Professional (CCFP®), Certified Cloud Security Professional (CCSPSM), Certified Information Systems Security Professional (CISSP®) and related concentrations, Certified Secure Software Lifecycle Professional (CSSLP®), HealthCare Information Security and Privacy Practitioner (HCISPP®) and Systems Security Certified Practitioner (SSCP®) credentials to qualifying candidates. (ISC)²’s certifications are among the first information technology credentials to meet the stringent requirements of ISO/IEC Standard 17024, a global benchmark for assessing and certifying personnel. (ISC)² also offers education programs and services based on its CBK®, a compendium of information and software security topics. More information is available at www.isc2.org.
ISACA (www.isaca.org) helps global professionals lead, adapt and assure trust in an evolving digital world by offering innovative and world-class knowledge, standards, networking, credentialing and career development. Established in 1969, ISACA is a global nonprofit association of 140,000 professionals in 180 countries. ISACA also offers the Cybersecurity Nexus (CSX), a holistic cybersecurity resource, and COBIT, a business framework to govern enterprise technology.
Kristen Kessinger, +1.847.660.5512, email@example.com
Leigh A. McGuire, ASIS International, +1.703.518.1415, firstname.lastname@example.org
Felicia Johnson, (ISC)2, +1. 727.683.0772, email@example.com