patpitchaya - stock.adobe.com
A group of implementation-focused cyber nonprofits – including the likes of the Center for Internet Security, Crest International, and the Fido Alliance – have joined forces to create an umbrella coalition that will work to develop, share, deploy and increase awareness of security best practice, tools, standards and services.
Formed in the US, but globally relevant, the Nonprofit Cyber coalition is envisioned as a “collaboration of equals” and will initially focus on two priorities – building awareness of cyber nonprofits, and aligning the work of its 22 founding members, all of which must hold nonprofit status under US law or their home country equivalents.
The founding members are: the Anti-Phishing Working Group, the Center for Internet Security, the Center for Threat-Informed Defense, the Cloud Security Alliance, Consumer Reports, Crest International, the Cyber Defence Alliance, the CyberPeace Institute, the Cyber Readiness Institute, the Cyber Threat Alliance, the Cybercrime Support Network, the CyberGreen Institute, the Fido Alliance, the Forum of Incident Response and Security Teams, the Global Cyber Alliance, the National Cyber Forensics and Training Alliance, the National Cybersecurity Alliance, the Open Web Application Security Project, SAFECode, the Shadowserver Foundation, #ShareTheMicInCyber, and Sightline Security.
The group is also welcoming applications for new members, focusing only on those that work to implement security best practice and solutions at scale, and not lobbying, policy development or advocacy groups, nor industry bodies.
Philip Reitinger, CEO of the Global Cyber Alliance (GCA) and newly elected co-chair of the coalition, said: “A large number of nonprofits that focus on cyber security implementation are working within their own areas of action toward the joint goal of improving cyber security, but the lack of coordination and communication among them can lead to inefficiency and duplication of effort.
“Better communication and collaboration among these groups will enable programmatic and opportunistic action to improve cyber security.”
Tony Sager, Center for Internet Security vice-president and chief evangelist, and the group’s other co-chair, added: “Cyber security nonprofits create and sustain essential resources that touch every enterprise and every person. And many are natural ‘integration engines’, bringing together people and ideas across the public and private sectors, technical disciplines, industry sectors, and national borders.
“Our goal with Nonprofit Cyber is to collaboratively align our individual strengths into a collective force for good, taking positive action for the entire cyber ecosystem.”
NCSC technical director Ian Levy was among those to welcome the group’s inauguration: “Nonprofits have an important role to play in helping set expectations in cyber security hygiene and providing tools that can help organisations of all sizes. I’m really happy to see these great organisations coming together…to be better coordinated and maximise the impact they can have in helping the global cyber security mission.”
Hans de Vries, director of the NCSC’s Dutch counterpart NCSC-Nl, added: “Public-private-nonprofit cooperation, including internationally, is and the core of the NCSC-Netherlands’ work. We therefore welcome this initiative, for it can help to bolster the fabric of understanding, sharing and cooperating during incidents and in general improve cyber governance. We will seek to support this new initiative from day one.”
Read more about security awareness
- While UK organisations are doing better at security training, many are quick to punish employees who fall victim to phishing attacks, whether real or simulated.
- In-house or outsourced? What makes a good security training programme, and what questions should buyers ask when procuring training as a service?