Reporter's notebook: At the DHS National Cyber Security Summit
Officials urged the IT community to take the threat of cyberterrorism seriously
Computerworld - SANTA CLARA, Calif. -- Flanked by two senior officials from the Department of Homeland Security, Amit Yoran, the newly appointed director of the National Cyber Security Division, made his first major policy address since joining the department less than three months ago.
Yoran made his much-anticipated remarks yesterday at the inaugural DHS National Cyber Security Summit, referred to jokingly by Tom Ridge, secretary of homeland security, and Robert Liscouski, assistant secretary for infrastructure protection, as "Amit's coming out party."
If there was a central theme that ran through the remarks of all three DHS officials, it was the need to create a sense of urgency, to start taking action on tough issues facing cybersecurity at all levels of society, and to begin to think differently about future threats to the nation.
Yoran, the former director for vulnerability assessment at the Defense Department's Computer Emergency Response Team and former vice president for worldwide managed security services at Symantec Corp., said the nation could be witnessing "just the beginning of what could become a critical national weakness."
He compared the IT community's perception of future cyberterrorist threats to the early days of military air power, when most military thinkers dismissed the use of air power in war as ineffective.
"We need to be thinking about how today's advances in cyberspace can be turned against us," said Yoran. Even though most cyberattacks have so far proved unsophisticated and have been predominantly criminal in nature, "we cannot count on that forever or even for long," said Yoran. He was referring to the threat of terrorist-sponsored, coordinated attacks on critical infrastructures.
There was an air of tension at the summit, stemming from a Computerworld report that raised questions about the motivations and role of the various IT vendor associations that sponsored the event (see story). Harris Miller, president of the Arlington, Va.-based Information Technology Association of America (ITAA), even made a point during a news conference to take issue with what he called "erroneous" comments made about the lobbying power of the ITAA and other groups.
In an exclusive interview with Computerworld, Yoran acknowledged that questions about vendor influence are valid. But he flatly denied that the DHS is following the antiregulation views of the ITAA, the Business Software Alliance and TechNet.
Yoran also acknowledged the lack of critical-infrastructure operators and other end-user companies attending the summit. Only eight such companies were among the 334 registered attendees. But he said he and others from DHS would be meeting with those organizations in the coming weeks and months.
If there was one issue the DHS
- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- The 12 PCI DSS 3.0 requirements addressed by Peer 1 Hosting This handy quick reference outlines the 12 PCI DSS 3.0 requirements, who needs to be compliant and how Alert Logic solutions address the...
- Defense Throughout the Vulnerability Life Cycle This whitepaper provides insight into how to leverage threat and log management technologies to protect your IT assets throughout their vulnerability life cycle.
- Mobile Policy Checklist Here's what to consider when putting together a mobile policy designed to support a highly productive workforce.
- Securing BYOD Mobile computing is becoming so ubiquitous that people no longer bat an eye seeing someone working two devices simultaneously. Individuals and organizations are...
- Live Webcast On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy...
- Live Webcast Endpoint Backup & Restore: Protect Everyone, Everywhere Arek Sokol from the bleeding-edge IT team at Genentech/Roche explains how he leverages cross-platform enterprise endpoint backup in the public cloud as part...
- Streamline Software Asset Management, Compose a software Management Symphony Keeping track of your organization's software is easy with effective software management solutions from CDW. View the videos in our software solutions channel
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva. All Security White Papers | Webcasts