Cybersecurity group looks to Europe for help
'The private sector is going to get attacked,' says a CSIA exec
IDG News Service - There isn't a colored alert system indicating the threat level faced by global information systems. But if there were, former White House security director Paul Kurtz figures it would be bright orange for "high risk."
"It's not appropriate to say the sky is falling, but I do think we are taking information security for granted," Kurtz said during an interview on Friday.
It's this concern that prompted Kurtz, executive director of the Cyber Security Industry Alliance (CSIA), to come to Europe last week. CSIA, a public-policy advocacy group focused on cybersecurity issues, was launched in February 2004 by a handful of IT security firms, including RSA Security Inc., McAfee Inc. and Symantec Corp. It's now seeking to expand its membership in Europe and begin tackling issues across the Atlantic.
Industry representatives approached Kurtz about his current job early last year, while he was serving as special assistant to the president and senior director for critical-infrastructure protection on the White House's Homeland Security Council. Those roles left him responsible for both physical and cybersecurity issues.
"At first, I thought Washington needs a new association like a hole in the head. But then after I thought about it, I elected to leave the White House," Kurtz said. Part of the reason was that cybersecurity had been "put in the back seat" while physical security took precedence, he said. "It was very frustrating," Kurtz added.
At CSIA, Kurtz and the member companies want to work on global cybersecurity issues such as privacy and information integrity, as well as help develop policies like notifying the public when personal information has been exposed in a data breach. The group is focused on enterprise issues and is CEO-driven -- its board comprises executives from McAfee, Symantec and RSA, among others.
"The bottom line is that the private sector is going to get attacked," Kurtz said.
The U.S. government isn't taking cybersecurity seriously enough, he said, noting that it reduced research and development spending for the area in its latest budget.
One possible reason for the lack of concern is that some government officials still believe cybercriminals are "pimply-faced teenagers," not organized crime gangs, according to Kurtz.
But for the private sector, the threat has become much more real as recent high-profile cases have grabbed headlines and shaken consumer confidence. In just one recent incident, it was revealed that some 40 million credit card numbers may have been accessed by a hacker who infiltrated the network of a company that processed payment information for MasterCard International Inc. (see "Security breach may have exposed 40M credit cards").
- Securing Mobile App Data - Comparing Containers and App Wrappers Analysts agree that Mobile Device Management (MDM) is not enough when it comes to securing app data. Although it remains a critical component...
- PCI 3.0 Compliance In this white paper, learn how PCI-DSS 3.0 effects how you deploy and maintain PCI compliant networks using CradlePoint devices.
- Mitigating Security Risks at the Networks Edge This white paper provides strategies and best practices for distributed enterprises to protect their networks against vulnerabilities, threats, and malicious attacks.
- 5 Strategies for Modern Data Protection Read the five strategies for modern data protection that will not only help solve your current data management challenges but also ensure that...
- Business-driven data protection Setting up data protection infrastructures with your organizations' core mission or business in mind is key. In this webinar, the ARCserve team will...
- On-Demand Webinar: Mind the Gap! Watch the webinar featuring Bob Janssen, CTO and Co-Founder of RES Software, to start building a solid foundation for business and IT to... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!