SMB ISAO

Home

What is an Information Sharing and Analysis Organization (ISAO)?

An Information Sharing and Analysis Organization is a public or private entity that is formed for the purpose to gather, analyze, communicate and voluntarily disseminate to its members cyber related information to better understand cybersecurity threats and problems, and increase the member’s ability to prevent, mitigate or recover from the effects of an attack.

SMB ISAO Receives Information Sharing Hall of Fame Award

SMB ISAO

TYSONS CORNER, VIRGINIA (Sept. 12, 2018) – The SMB ISAO has been recognized as an Information Sharing Hall of Fame Award organizational winner for their commitment to advancing information… Read More

Information Sharing for the Small Business Community

Just as its name implies, the SMB iSAO provides members with reports and critical alerts that are identified from within the SMB iSAO community or fed from U.S. Government sources. This provides our members with some of the most up-to-date threat information that they can use to protect themselves, that otherwise would be unaffordable. As participants, SMB iSAO members are sharing threat indicators for analysts to research, scrub, and anonymize—which yields actionable intelligence for dissemination in real-time. In turn, the SMB iSAO provides an anonymous, encrypted, U.S DHS approved channel to report cyber threat information such as a hack or social engineering. This allows the small business owner a validated means of reporting a cybersecurity event ensuring that, by sharing, they are helping other small businesses stay protected, but more importantly, invoking critical protections under the CISA*.

Why is Information Sharing so Critical?

Organizations engaged in information sharing, related to cybersecurity risks and incidents, play an invaluable role in elevating the collective cybersecurity of businesses across America—even the U.S. as a whole. That is why ISAOs were authorized in the CISA legislation: to address the critical trust gap between industry and the government. Additionally, critical protections were mandated by law to protect those companies that share their hacking information in order to invoke trust and sharing to include anonymity when reporting. When ISAO members share breach information through the appropriate channels, SMB iSAO members are afforded under the CISA* to include protection from:
  • Tort litigation
  • State and local disclosure laws, including FOIA requests
  • Government enforcement actions as a result of breach disclosure
  • Disclosure of Intellectual Property and Trade Secret Information
These protections ensure that small businesses are protected and shielded when they act as an ISAO member to improve their security through information sharing. But these protections are not invoked unless the hack information is shared.  

Why Join and Information Sharing Community?

What are the Benefits for Small and Mid-Sized Business?

For the small price of a membership, belonging to the SMB iSAO brings critical advantages to the small business owner that cannot be overlooked in terms of their importance to business survival.
  1. An SMB iSAO membership demonstrates that the business owner is actively involved in cybersecurity. To show the member’s involvement, we provide a membership certification and seal for your website, and a unique membership identifier code to associate the member’s shared information without disclosing the member or their organization.
  2. An SMB iSAO membership and sharing of threat related intelligence also offer special protections under the CISA* against litigation and enforcement action.
By participating in the SMB iSAO information sharing community, businesses are afforded protection under the CISA* against tort litigation, state and local disclosure laws and government enforcement actions. These protections, available through CISA compliant breach reporting, are not available through insurance companies or other organizations. These protections are designed to increase the trust factor between industry and government and protect the SMB owner. *The CISA is subject to change and interpretation.

Affordable Membership Fees

The SMB iSAO is designed to offer the SMB community affordable solutions that do not impact the bottom line. Membership in the ISAO is only $19.95 per month. That’s a small fee to pay for great peace of mind.
Cyber Shield

SHOWING
CUSTOMERS

CYBERSECURITY IS CRITICAL

Membership in the SMB iSAO shows customers and partners that the member is actively involved in addressing the cybersecurity threat against small businesses and that the member participates in a professional, sanctioned ISAO. Membership provides certification, a membership seal, and monthly reports.

LEARN MORE
Secure Cloud

MONTHLY
REPORTS

CRITICAL EVENT UPDATES

Membership in the SMB iSAO provides the business owner monthly reports that provide insight into the latest threats against small businesses and recommendations for mitigation and resolution. When there are significant cybersecurity threats, critical alerts are sent out to all members alerting them to the threat.

LEARN MORE
Security at Your Fingertips

CYBER
SOLUTIONS

PROTECT YOUR BUSINESS

By participating in the SMB iSAO, businesses receive critical legal protections such as shielding from tort litigation and state and local disclosure laws, that are not available through insurance companies or other organizations. These protections are designed to increase the trust factor between industry and government and protect the SMB owner.

LEARN MORE

News & Event Updates

Ongoing Cybersecurity Training (FREE)

December 20, 2017
A cybersecurity breach can break a small business, and now the Pikes Peak Small Business Development Center has launched a statewide program to help small-business owners get ahead of the threats.LEARN MORE

Recent Blog Posts

From Bad to Worse

by Bonnie Moss
January 17, 2018
Meltdown attacks the isolation between user applications and the operating system, and allows a program to access memory and secrets of the operating system and other programs. The mass public has been advised that computers (and a cloud infrastructure) running on an unpatched operating system are at risk of sensitive information being leaked...READ MORE

SMB iSAO speaks at ISAO Standards Organizations Inaugural Event

by Bonnie Moss
November 16, 2017
Capitalizing on the National Cybersecurity Awareness Month, the ISAO’s Standards Organization hosted the Inaugural International Information Sharing Conference in Washington DC. The goal was to push the information sharing ecosystem forward as trust is being built among its community members.READ MORE

New small business ISAO seeks to fill gap in support for fending off cyber attacks

by Maggie Miller
November 3, 2017
The newly established Small and Mid-Sized Business Information Sharing and Analysis Organization is seeking to expand its membership to address what the group's leaders see as a void in support for smaller companies to defend against cyber threats.READ MORE