Liability concerns highlighted at inaugural meeting of certified ISAO group

Concerns about lawsuits as a driver for sharing cyber-threat intelligence was a high-profile topic of discussion at the first meeting of an association of certified information-sharing organizations.

Organizations that “ignore their responsibility” to address cybersecurity risks face the possibility of lawsuits and enforcement actions by regulators, and companies will need “to show that they're doing 'due care,'” said Mike Echols, CEO of the newly formed International Association of Certified ISAOs.

“One way to show [that due care] is to join...