Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

A Profound Moment in Cybersecurity

Richard Power looks at the big picture and how security must move forward
Page:

The moment is a profound one.

A new administration is in the process of taking over the reins of the vast realm of the U.S. federal government. The nation is confronted with serious threats both global and domestic: economic and financial crisis, terrorism, nuclear proliferation, organized crime, climate change and even potential pandemics.

And then there is ever-broader scope of cyber-related risks and threats, significant on its own, and exponentially significant when interwoven with all of the others, as it is well on its way to becoming.

What direction will this new administration take?

Will it show it has learned the lessons of the last decade?

Will it lead? And if it leads will it take the country in the right direction?

These questions of leadership, of course, are predicated on another question, a much more disturbing one, i.e., even if it decides to lead in a meaningful and substantive way, and even if it chooses the right direction to go, will anyone in the commercial sector or even the public sector really follow, in any reciprocally meaningful and substantive way?

Recently, at the height of the 2009 RSA Conference in San Francisco, I found myself ensconced on the second floor of the XYZ Lounge of the W Hotel, across the street from the Moscone Center, attempting to escape these daunting ruminations by engaging young German executive and his happy client talking about the problem of spam.

Talking with Gerhard Eschelbeck, CTO of Webroot (www.webroot.com), and Michael Skaff, CIO of San Francisco Symphony, I could put the following two blockbuster stories, and their implications, out of my mind for the better part of an hour:

"Cyberspies have penetrated the U.S. electrical grid and left behind software programs that could be used to disrupt the system, according to current and former national-security officials. The spies came from China, Russia and other countries, these officials said, and were believed to be on a mission to navigate the U.S. electrical system and its controls. The intruders haven't sought to damage the power grid or other key infrastructure, but officials warned they could try during a crisis or war." Siobhan Gorman, Wall Street Journal, 4-8-09

"Nearly 1,300 computers in more than 100 countries have been attacked and have become part of a computer espionage network apparently based in China, security experts alleged in two reports Sunday. The network was discovered after computers at the Dalai Lama's office were hacked, researchers say. Computers -- including machines at NATO, governments and embassies -- are infected with software that lets attackers gain complete control of them, according to the reports. Reports: Cyberspy network targets governments, CNN, 3-29-09

Page:

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Addison-Wesley, BT, CNN, Computer Security Institute, Counterpane, etwork, Hathaway, Mellon, MIT, NATO, NN, RSA, Sun Microsystems, Wall Street, Webroot
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: cybersecurity
Latest Blog Posts
Whitepapers
  • SOA and Business Processes: Making the Connection
    Service-Oriented Architecture (SOA) is also complex, and one of its main characteristics is that an SOA system is comprised of multiple applications that are combined to accomplish critical business processes. Discussions of SOA can quickly grow so complex that the system’s main benefits to an organization are difficult to fully understand. This article discusses SOA Suite 11g, a family of products that take SOA to a new level and correct some of the problems caused by the very combination of components and multiplication of languages that make SOA a flexible, agile system.
    Learn more »
  • High Availability with Oracle Database 11g Release 2
    In this paper, we review the common causes of application downtime and discuss how technologies available in the Oracle Database can help avoid costly downtime and enable rapid recovery from unplanned failures and also minimize impact from planned outages. We also highlight new technologies introduced in Oracle Database 11g Release 2 that enable businesses to make their IT infrastructure even more robust and fault tolerant, maximize their return on investment on high availability infrastructure, and provide better quality of service to users.
    Learn more »
  • Top 5 Threat Protection Best Practices
    Small businesses are especially vulnerable to computer viruses and lost or stolen data, since they typically lack the IT resources to deal with these threats. Inadequately protected computers open the door to annoying infections, or worse, serious business disruption. Below are five simple and effective strategies to help you protect your business against an ever-increasing number of threats.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments