Small to Medium-size Business Information Sharing and Analysis
AFFORDABLE BUSINESS PROTECTION
CYBER THREAT INTELLIGENCE • INFORMATION SHARING • POST DATA BREACH LEGAL PROTECTIONS
Affordable Business Protection
Cyber Threat Intelligence • Information Sharing • Post Data Breach Legal Protections
Join Us
Realize a more secure cyber future.
Learn More
Get to know SMB ISAO.
PROUD MEMBERS, SUPPORTERS AND PARTNERS OF:
What is an Information Sharing and Analysis Organization (ISAO)?
An Information Sharing and Analysis Organization is a public or private entity that is formed for the purpose to gather, analyze, communicate and voluntarily disseminate to its members cyber related information to better understand cybersecurity threats and problems, and increase the member’s ability to prevent, mitigate or recover from the effects of an attack.
SMB ISAO Executive Director Receives Information Sharing Hall of Fame Award 2019
SAN ANTONIO, TEXAS (Aug. 22, 2019) – Bonnie Moss, executive director of the SMB ISAO, has been recognized as an Information Sharing Hall of Fame Award winner for being identified as a notable leader and visionary …. Read More
SMB ISAO Receives Information Sharing Hall of Fame Award 2018
TYSONS CORNER, VIRGINIA (Sept. 12, 2018) – The SMB ISAO has been recognized as an Information Sharing Hall of Fame Award organizational winner for their commitment to advancing information sharing among organizations and their overall impact on the information sharing ecosystem…. Read More
Information Sharing for the Small Business Community
Just as its name implies, the SMB iSAO provides members with reports and critical alerts that are identified from within the SMB iSAO community or fed from U.S. Government sources. This provides our members with some of the most up-to-date threat information that they can use to protect themselves, that otherwise would be unaffordable. As participants, SMB iSAO members are sharing threat indicators for analysts to research, scrub, and anonymize—which yields actionable intelligence for dissemination in real-time.
In turn, the SMB iSAO provides an anonymous, encrypted, U.S DHS approved channel to report cyber threat information such as a hack or social engineering. This allows the small business owner a validated means of reporting a cybersecurity event ensuring that, by sharing, they are helping other small businesses stay protected, but more importantly, invoking critical protections under the CISA*.
Why is Information Sharing so Critical?
Organizations engaged in information sharing, related to cybersecurity risks and incidents, play an invaluable role in elevating the collective cybersecurity of businesses across America—even the U.S. as a whole. That is why ISAOs were authorized in the CISA legislation: to address the critical trust gap between industry and the government. Additionally, critical protections were mandated by law to protect those companies that share their hacking information in order to invoke trust and sharing to include anonymity when reporting. When ISAO members share breach information through the appropriate channels, SMB iSAO members are afforded under the CISA* to include protection from:
- Tort litigation
- State and local disclosure laws, including FOIA requests
- Government enforcement actions as a result of breach disclosure
- Disclosure of Intellectual Property and Trade Secret Information
These protections ensure that small businesses are protected and shielded when they act as an ISAO member to improve their security through information sharing. But these protections are not invoked unless the hack information is shared.
SHOWING CUSTOMERS
CYBERSECURITY IS CRITICAL
CYBERSECURITY IS CRITICAL
Membership in the SMB iSAO shows customers and partners that the member is actively involved in addressing the cybersecurity threat against small businesses and that the member participates in a professional, sanctioned ISAO. Membership provides certification, a membership seal, and monthly reports.
MONTHLY REPORTS
CRITICAL EVENT UPDATES
CRITICAL EVENT UPDATES
Membership in the SMB iSAO provides the business owner monthly reports that provide insight into the latest threats against small businesses and recommendations for mitigation and resolution. When there are significant cybersecurity threats, critical alerts are sent out to all members alerting them to the threat.
CYBER SOLUTIONS
PROTECT YOUR BUSINESS
PROTECT YOUR BUSINESS
By participating in the SMB iSAO, businesses receive critical legal protections such as shielding from tort litigation and state and local disclosure laws, that are not available through insurance companies or other organizations. These protections are designed to increase the trust factor between industry and government and protect the SMB owner.
What are the Benefits for Small and Mid-Sized Business?
For the small price of a membership, belonging to the SMB iSAO brings critical advantages to the small business owner that cannot be overlooked in terms of their importance to business survival.
- An SMB iSAO membership demonstrates that the business owner is actively involved in cybersecurity. To show the member’s involvement, we provide a membership certification and seal for your website, and a unique membership identifier code to associate the member’s shared information without disclosing the member or their organization.
- An SMB iSAO membership and sharing of threat related intelligence also offer special protections under the CISA* against litigation and enforcement action.
By participating in the SMB iSAO information sharing community, businesses are afforded protection under the CISA* against tort litigation, state and local disclosure laws and government enforcement actions. These protections, available through CISA compliant breach reporting, are not available through insurance companies or other organizations. These protections are designed to increase the trust factor between industry and government and protect the SMB owner.
*The CISA is subject to change and interpretation.
