DHS Secretary Chertoff to Business: 'Send us Your Best & Brightest'

Notes from the RSA Conference - Day 1
DHS Secretary Chertoff to Business: 'Send us Your Best & Brightest'
In stepping up the fight against cyber crime, Michael Chertoff, Secretary of the US Department of Homeland Security (DHS), has a simple request: Send some of your best & brightest employees to help the government's efforts.

"We want your ideas, insights and I daresay your employees," Chertoff told the crowd in a keynote address at the RSA Conference in San Francisco on Tues. "It's not just the best thing you can do for your business; it's the best thing you can do for your country."

Reflecting on the 5th anniversary of the creation of DHS, Chertoff discussed the top cyber threats facing the nation, how DHS is countering them, and his vision of where the U.S. needs to go.

"We're not likely to see airplanes flying into buildings [in cyberspace]," Chertoff says. "But we can see consequences not unlike what people experienced on Sept. 11, 2001."

The major threats of interest to the government are:

Individual hackers who want to disrupt business or government;
Organized criminals seeking to extort or steal information;
Nation states engaged in espionage.

To date, the U.S. has countered with its Computer Emergency Response Team (US CERT), which is chartered with strengthening public and private domains. "But the time has come to take a quantum leap forward," Chertoff says. "We need a game-changer."

This 'game-changer' is what Chertoff describes as "A Manhattan Project approach to deal with cyber threats."

Current limits to such a plan's effectiveness are:

There are too many access points to public and private systems;
Govt. agencies are uneven in how they protect their assets;
The architecture is backwards-looking, reflecting on incidents rather than anticipating them.

To overcome these challenges, Chertoff wants to see public and private sectors come together to limit entry points, establish 24/7 protection, and to create a faster cycle time that spots threats before they're launched.

"It's not responsible to avert our eyes from a threat just because it's difficult to overcome," Chertoff says.

Coviello Kicks off Event
RSA CEO Art Coviello got the event started this morning with a keynote built around The Role of Security in Business Innovation - a practice in which he says "I see a lot of dancing."

One key trend identified in a recent RSA survey: 80% of surveyed organizations say they shy away from business innovation because of information security concerns.

Coviello describes security professionals working against a "perfect storm" of:

Regulations;
Breaches;
Gap between technology capabilities and customer knowledge.

"We live in an age where one wrong click can jeopardize our identities or livelihoods," he says.

The ongoing mission for security practitioners, he says, "Is not to say 'no,' but to say 'how?'"

Coviello's recommendations:

For Congress to adopt a national breach notification law, supplanting the 30-something laws currently enacted by different states;
For the government to invest more in security education;
Spend more money on security research;
Pass federal cyber crime bill, which has been passed by the senate
Show more leadership

Latest Cyber Threat Stats
John Thompson, CEO of Symantec, discussed the results of his company's latest threat research. Highlights:

Data loss via theft of laptops, storage devices remains the top threat.
Malicious code is so prevalent that we've now reached a point where more malicious code than "good" code is created.
The black market for data currently pays $8 for a stolen eBay ID, 40 cents for a credit card account, and the really hot item - a World Of Warcraft gaming ID;
In terms of identity theft, stats say that three IDs are lost every second.

About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.