Q&A: RSA CEO sees lack of leadership in U.S. cybersecurity efforts
'The government has done absolutely nothing to execute on their own strategy,' says Art Coviello
Computerworld - Art Coviello wears multiple hats. As president and CEO of RSA Security Inc., he is responsible for the company's vision and long-term strategy. He is also a founding member and co-chair of the Standards Committee of the Cyber Security Industry Alliance (CSIA), which is a consortium of technology companies. In that capacity, he was appointed co-chair of the National Cyber Security Summit's Corporate Governance Task Force reporting to the U.S. Department of Homeland Security. In an interview with Computerworld, Coviello talked about the lack of federal leadership on cybersecurity issues, the challenges of information-sharing and RSA's recent acquisition of fraud management software vendor Cyota Inc.
The CSIA recently criticized the federal government for its apparent failure to act on recommendations to improve cybersecurity. What exactly is the problem? [Former White House counterterrorism chief] Dick Clarke, in his last act working for the White House, pulled together in early 2003 a strategy for the president to secure cyberspace. That was in 2003. I was in a task force around corporate governance and reported out to the Department [of Homeland Security]. We are heading out into 2006, and the government has done absolutely nothing to execute on their own strategy. I think it is entirely appropriate that the Cyber Security Industry Alliance and industry leaders call attention to that fact. We are pleased that [Department of Homeland Security Secretary Michael] Chertoff announced that he is going to appoint an assistant secretary [for cybersecurity]. But that was almost six months ago. OK, we had Hurricane Katrina, and he's been preoccupied. But when oh when are we going to get that assistant secretary, and when are we going to start executing on a strategy that was laid out almost three years ago?
Among the failures mentioned by the CSIA was the continued lack of information sharing between government and the private sector on cybersecurity matters. The idea of information sharing is a pretty comprehensive and complex topic. The reason is, while the technologies exist, getting together the people and the process part of it is a lot harder. Is the profile of somebody in the FBI equal to the profile of somebody in the CIA or the DHS? How are you going to get all of these agencies to agree on what level of access is going to be adequate for people at various levels in the government? What kind of access are you going to give to somebody from the FBI to the CIA database? What kind of access are you going to give DHS
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts