Compliance Management, Privacy

Cybersecurity lobby merges with IT trade group

The Information Technology Association of America (ITAA) has absorbed the Cyber Security Industry Alliance (CSIA), a lobby that has been pressuring lawmakers to pass federal data security and breach notification measures.

The merger will provide the much smaller CSIA, whose 15 members are mostly chief executives of major security vendors and which operated last year on a $1 million budget, with access to ITAA's combined membership revenue of some $8.5 million.

"We just needed more horsepower and more resources as the issues were growing," Tim Bennett, former president of the CSIA, told He plans to now start his own consulting practice.

The main priority of CISA, formed four years ago, was to persuade lawmakers to pass national data security and breach notification legislation, in addition to strengthening the Federal Information Security Management Act and increase penalties for spyware purveyors, Bennett said.

Meanwhile, as a trade association, the ITAA, with 350 corporate members, largely has focused its security efforts on promoting the protection of critical infrastructure through collaboration with the federal Department of Homeland Security, Bennett said.

"We are delighted that CSIA chose to bring its important work to ITAA," ITAA President and Chief Executive Officer Phil Bond said in a statement. "The global reach of CSIA, with its Brussels office, will bring valuable new perspective and resources to ITAA's own information security program and complement our work with the World Information Technology and Services Alliance."

Ari Schwartz, vice president of the Center for Democracy and Technology, a nonprofit advocacy group, said the merger stands to benefit cybersecurity lobbying efforts – if the ITAA decides it wants to promote that message.

National laws governing IT security, though, could negatively affect some of ITAA's members, such as data brokers, Schwartz admitted.

"ITAA had a security wing that was not very active in the past," Schwartz told "It was not considered to be a very big priority. It sounds like ITAA wants to move security issues forward. We'll have to see if they can sustain that commitment over time."

Under the merger, announced last week at the RSA Conference, ITAA will create a new cybersecurity CxO Council, which will be joined by former CSIA members, such as Symantec CEO John Thompson and PGP head Phil Dunkelberger, Bennett said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.