President Obama on Tuesday signed an executive order to strengthen the cybersecurity of critical infrastructure by increasing information sharing and by jointly developing and implementing a framework of cybersecurity practices with industry partners. How is the technology industry responding?
Lawrence Reusing, general manager of mobile security at Imation, told us it's not news to say we live in a dangerous world -- but we are in a world that's becoming more and more interconnected every day. He pointed to a reality where organizations are being targeted through remote attacks and their employees are also being targeted as travelers so they can bring malicious threats back into the organization.
"For that reason, we need to be ever vigilant in protecting ourselves from the types of attacks -- and attack vectors -- emerging within the world we live in. The United States must take a leadership position by defining policies and procedures so that our critical infrastructure is protected," Reusing said, noting this includes making sure that nefarious interests cannot directly compromise our systems and that our own government employees are protected from themselves.
"As we've seen on more than one occasion, government employees have inadvertently carried malware and other malicious software into their work areas and have accidentally installed that software onto public IT infrastructure," Reusing said. "The security industry needs to give organizations an advantage over malicious software. A comprehensive approach to cybersecurity will address these and other scenarios."
Bill Morrow, CEO of Quarri Technologies, told us recent cyberattacks targeting several high-profile media companies and government agencies provides further proof that nation-states' threats are real. Not surprisingly, he said, criminals today are carrying out very targeted and efficient attacks and are becoming more brazen.
"There is a once-in-a-generation opportunity for our leaders in public and private industry to come together in the coming weeks in an effort to put measures in place to help minimize network risks to critical infrastructure that could occur in the future," Morrow said. "There are also a number of steps the private and public sector can take in what I would call preventative medicine."
First, he argued, it is imperative that private and public industry get a better handle on which threats are the most harmful to our own interests in the United States, as this will allow us to allocate resources in the right places. Second, he continued, private industry is a leader in innovation and many of the best IT security products in the world have been developed within our borders. (continued...)