It is hard to believe it’s been a year since CompTIA announced it was taking over what is now known as the CompTIA Information Sharing and Analysis Organization (ISAO) to help technology companies better defend against increasingly targeted and malicious threats. From the very beginning, the CompTIA ISAO has worked diligently on our mission to raise the cybersecurity resilience of the tech industry by building a community focused on MSPs, solution providers, integrators, MSSPs, technology vendors, distributors and the consultants that support everyone working in the business of technology.
I’ve learned a lot over the last year. Members of the CompTIA ISAO have made a commitment to focus on cybersecurity and ensuring that their businesses—as well as their customers’—are more secure. While the industry has always focused on tools and technologies, the need to share information on emerging and established threats has really come to the forefront in order to be cyber resilient.
Absolute security is an illusion. Recent high-profile events like the SolarWinds supply chain issue and the Microsoft Exchange vulnerabilities have made this clearer than ever. As a result of what I’ve learned this past year, we will be devoting even more resources to helping our members share and consume the critical cyber threat intelligence that will enable us all to be more secure.
How Did We Get Here?
Over the last year, the entire CompTIA team embraced the CompTIA ISAO and developed a comprehensive plan that culminated in an official relaunch at ChannelCon in August 2020. From marketing, to finance, to membership, IT, project management, social media, legal and PR, a dedicated team of professionals supported the initiative and created something amazing.
From March 2020 through August 2020, we accomplished so much in a short period of time. Some highlights from this time:
- Launched our Industry Partner program to provide startup funding for the CompTIA ISAO.
- Recruited six Industry Partners.
- Recruited an engaged group of Subject Matter Experts from across the industry, representing MSPs and vendors to help us define, evaluate, and select the partners and platforms that would create the foundation of the CompTIA ISAO.
- Partnered with the IT-ISAC to provide a team of cyber analysts to issue alerts and reports for CompTIA ISAO members.
- Partnered with TruSTAR to provide our threat intelligence platform.
- Joined the Homeland Security Information Network (HSIN) to access sensitive, but unclassified cyber threat intelligence.
- Launched the CompTIA ISAO Cyber Forum in July 2020 where members come together to access threat intelligence, share best practices and network in a secure online community of peers.
We began recruiting dues-paying members last August at ChannelCon Online and since then we’ve continued to accomplish a lot:
- Published the first CompTIA ISAO Weekly Report in August 2020.
- Added a Weekly Video Update to provide more consumable updates for members.
- Published more than 260 threat reports.
- Were the first to report the Microsoft Netlogon vulnerability in September 2020.
- Produced a ransomware report specifically focused on MSPs and their customers.
- Launched news feeds of content curated just for the CompTIA ISAO from vendor members.
- Formed three advisory groups to provide strategic guidance: the Executive Advisory Council, MSP Champions Working Group and SME Champions Working Group are represented by leaders from MSPs, MSSPs, tech vendors, philanthropy, distribution and academia.
- Surpassed 1,000 member companies.
More Benefits, Value on the Way
And the best is yet to come! We continue to make enhancements across our platforms to provide increasing value for our members. We plan to launch the CompTIA ISAO Monthly Member Meetup in April. Each month, members will be able to join me as well as CompTIA ISAO cyber analysts, threat intelligence experts from TruSTAR, SMEs, and other cybersecurity professionals for an open, interactive discussion on Zoom.
It’s a great opportunity to ask questions, discuss current cyber threats, review best practices and network with your fellow CompTIA ISAO members. Sharing information and ideas is critical to our cybersecurity resilience and this monthly member meet-up allows our members to help each other and get more value from your CompTIA ISAO membership.
In addition, we are forming our first Special Interest Group on Intelligence Sharing and Automation. The work of this group will have an important impact on our members’ ability to share and respond to threat intelligence in near real-time.
We have several other projects in the pipeline for the rest of this year that will benefit our members. We will target alerts to our members based on their technology stack, develop a cyber threat index based on information from our platforms, and provide co-branding opportunities for our members to share timely content with their customers that highlights your cybersecurity acumen and thought leadership. We also are expanding our partnerships in the tech industry and the public sector to bring more resources to our members to fight back against the bad actors.
The world is facing more frequent and devastating cyber-attacks than at any point in our history. It is only by working together in a trusted community that we will be able to retake the initiative from the bad actors and work to safeguard our businesses, the global economy and community. The mission is daunting and necessary. It is larger than any one member and even our industry. It impacts every person in every country around the globe. Working together, we have accomplished a lot in our first year. The best is truly yet to come, and I look forward to continuing to work with current and new members as we work together to raise the cybersecurity resilience of our industry and the world. Join us!