Working Groups: One of the Cornerstones of an Effective ISAO

By Andy Jabbour

As FB-ISAO transitions to our membership model, we’re excited to also begin our working group collaboration and Slack member channels. Collaborative groups are essential to a successful ISAO and our working groups will be a vital part of that for FB-ISAO. As we begin this next phase in FB-ISAO’s maturity, we are establishing five initial Working Groups (WGs). What follows are overviews of these initial WGs and an explanation of some of the ways members can use Slack as a means of participating in the working groups.

Working Groups. WGs are ongoing collaborative groups comprised of FB-ISAO members and staff focusing on specific areas that are important to enhancing FB-ISAO’s capabilities and the ways in which our organization can support members’ threat and risk awareness, preparedness, security, and operations. WGs are co-chaired by FB-ISAO staff and FB-ISAO members. Initially, we are establishing WGs as follows:

• Cyber Threat Intelligence;
• Business Resilience;
• Threat and Incident Response Group
• Preparedness;
• Communications; and,
• Outreach & Engagement

Additional WGs may be developed over time based on needs our staff identify or at the request of members and the approval of our Advisory Board. FB-ISAO Professional Members may join most WGs so long as they meet the criteria established by that WG (those requirements will be developed by each WG). Brief descriptions of our initial WGs follow.

Cyber Threat Intelligence. The CTIWG will focus on identifying information security / cybersecurity-related threats relevant to the community and the associated risks, helping to inform the FB-ISAO cybersecurity threat level, developing actions members can consider given a specific threat level, and other activities relating to enhancing the awareness, security and resilience of our members and community, during both routine operations and during incidents relevant to the community. Members may also help inform FB-ISAO staff efforts relating to cybersecurity analysis, reporting, and services. The CTIWG may help vet physical security-related ideas and initiatives from members and staff. Some issues and concerns crossing over from or into other domains, such as blended threats, may be addressed in collaboration with the BRWG.

Business Resilience. The BRWG will focus on identifying non-cybersecurity-related threats – those pertaining to man-made threats, natural hazards and health issues – relevant to the community and the associated risks, helping to inform the FB-ISAO physical threat level, developing actions members can consider given a specific threat level, and other activities relating to enhancing the awareness, security and resilience of our members and community, during both routine operations and during incidents relevant to the community. Members may also help inform FB-ISAO staff efforts relating to analysis, reporting, and services. The BRWG may help vet physical security-related ideas and initiatives from members and staff. Some issues and concerns crossing over from or into the cyber domain, such as blended threats, may be addressed in collaboration with the CTIWG.

Threat & Incident Response Group. During active threats, incidents, or for other issues identified by FB-ISAO staff, FB-ISAO may convene joint meetings of the CTIWG and BRWG under the banner of the TIRG.

Preparedness. The PWG will focus on both collaboration among members relating to facility and operational preparedness, as well as helping to inform and develop FB-ISAO lead preparedness events, such as exercises. Members may also help inform FB-ISAO staff efforts relating to analysis, reporting, and services and may be asked to assist in the development of input to assist the CTIWG and BRWG.

Communications. The CWG will focus on ensuring effective communications and reporting, both internally from FB-ISAO to members and among members, and externally with FB-ISAO partners. This may include reviewing reports, formats, organization and appearance, as well as reviews of the traffic-light protocol and other communications related activities.

Outreach & Engagement. The OEWG will focus on increasing awareness of FB-ISAO among our community of FBOs and partner organizations. The OEWG may develop campaigns to increase awareness and engage the community, identify events to help raise awareness and interest in FB-ISAO, and consider member engagement to help ensure FB-ISAO members are being afforded ample opportunities to be involved with FB-ISAO.

In addition to WG activities, Professional Members are strongly encouraged to actively participate on FB-ISAO Slack. Initial channels in Slack have been set-up to facilitate some initial information sharing and awareness, such as the feed informed by the content in the Faith-Based Journal (FBJ) and general channels. Additional channels are to support WG communications and how WG collaboration will primarily occur. However, additional channels may be set up to support any number of interests members have, from topical groups – focusing on issues and concerns members have, to geographic groups, to groups based on size, or specialty (charities, houses of worship, or for those with personnel operating internationally), to just for fun groups based on member interests. Pro members can request FB-ISAO establish channels anytime! Learn more about our membership levels: https://faithbased-isao.org/membership-levels/

“Sounds Interesting, But How Much Time Does This Require?” That may be a question you’re asking, and a fair one! Our WGs will typically meet for monthly virtual meetings. These will be opportunities to check in, update progress or outcomes of various projects and initiatives and to discuss relevant issues. We ask all WG members to participate in at least two out of three meetings per quarter. Co-Chairs will be more involved, helping to guide the group, set the agenda, and ensure progress is being made on various WG activities. Some WG members may volunteer to lead or support WG efforts, but that will be optional. Our goal is to keep the burden light but to also ensure we have effective means for members to get involved and help shape FB-ISAOs efforts and to really be a part of building the security and resilience of the community of faith.

Our “big vision” is to connect every FBO to FB-ISAO to allow for a means for peer engagement and, in the event of an urgent communication for our community, a means by which we can get that out. While we recognize that for many, Basic and Subscriber-level Membership will suffice, we hope you may find interest in a more active Professional Membership and being an active participant in shaping the activities and efforts of FB-ISAO and our community. FB-ISAO is you! And only your participation can make it great!