Computerworld - WASHINGTON -- When the Department of Homeland Security convenes its National Cyber Security Summit in California next Wednesday, its stated aim will be to improve cooperation with the private sector. But the question is whether it's cooperating too closely with IT vendor special interests.
The DHS is hosting the event in collaboration with IT vendor organizations whose lobbying activities are coming under increased scrutiny for pushing an agenda that would place the burden of security on the government and users rather than on the vendors that sell the products.
Co-sponsoring the event, to be held in Santa Clara, are the Information Technology Association of America, the Business Software Alliance, the TechNet alliance of CEOs and the U.S. Chamber of Commerce. A Computerworld review of the public policy statements of these groups found nothing to indicate that they have ever taken a position that calls on IT vendors to improve the security and quality of their products.
Moreover, the vendor groups partnering with the DHS this week appear to share an agenda aimed at frustrating legislation that would require companies to conduct third-party security benchmarks and report the results each year in their annual reports (see story). All of those organizations played a role in blocking a bill with such goals last month, according to officials involved in drafting the legislation who spoke on condition of anonymity.
While many industry executives spoke on the record about the role of vendor groups in shaping public policy, others said privately that they agreed with the general perception that such groups are pushing political agendas at the cost of improved security.
"ITAA and BSA continue to put forth resistance that seems based more on visceral than logical grounds," said the president of another industry consortium that regularly deals with these groups. "They continue to say that externally defined security requirements, either from the government or users, stifle innovation, which strikes me as a classic red herring."
Amit Yoran, director of the National Cyber Security Division at the DHS, said that in his interactions with the vendor groups co-sponsoring the summit, he has witnessed "a genuine interest and desire to improve the state of cybersecurity." And while the concern about vendor resistance to regulation is a valid one, Yoran said, vendors are for the most part "putting their money where their mouths are."
"Before advocating specific legislative initiatives, they want to have a good, clear understanding of the upside and the impact of that legislation with respect to its effect on industry," said Yoran. "We
Free Insider GuideCopyright © 1994 - 2012 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.
