President of the Internet Security Alliance claims that security is 'a generation behind the attackers'

News by Dan Raywood

The US cyber security coordinator Howard Schmidt is to meet with other White House security secretaries to discuss how to improve private-sector cyber security through economic incentives.

The US cyber security coordinator Howard Schmidt is to meet with other White House secretaries to discuss how to improve private-sector cyber security through economic incentives.

According to Hillicon Valley, Schmidt will meet with secretary of commerce Gary Locke, department of homeland security secretary Janet Napolitano and president of the Internet Security Alliance Larry Clinton, to review the ‘Cyber Space Policy Review'.

Clinton said the policy review was the first government document that began to address cyber security as an economic rather than operational issue. He said that the reason cyber attacks are so plentiful is that all of the economic incentives currently favour the attackers, particularly with regards to private sector attacks.

He said that cyber attacks on private networks are ‘comparatively easy to launch, cheap to launch, the amount you can steal is enormous, and the chances of getting caught are miniscule'.

He said that this was because security is inherently a generation behind the attackers, and the increasingly interwoven nature of the internet means private companies are forced to guard a perimeter that is virtually limitless.

“It's so easy and so profitable to have these cyber attacks, it doesn't matter how good the firewalls are. People will attack because the incentive is so enormous to do so,” he said.

Uri Rivner, head of new technologies, identity protection and verification at RSA, said that he thought the review was a good idea, but the government needs to take a lead from banks when it comes to security.

He said: “I agree with it. You think of the government as being secure, they are not in the same way as financial services are, that have had to fight Trojans. The police have an e-crime unit so there is a lot of work done in that area, but in the corporate world it is an issue of knowledge and how you handle new threats and balance technology and capability.

“These are threats that banks have faced every day and for the last ten years, and the first thing should be to ask the banks what they are doing, that is what Howard Schmidt should do.”


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Video and interviews