CIOs needs to be proactive in security: NSA
- 06 October, 2010 15:57
A former CIO and deputy director of the United States National Security Agency (NSA) has urged CIOs to become more proactive in their approach to corporate security consciousness.
“They’re just now getting their hands wrapped around this problem,” Dr Prescott Winter, who spent 27 years with the NSA, told CIO.
“But I’m afraid many of them are still reactive. The ones who have been burned are extremely proactive, they’re really leading the charge and many of them who have been burned are actually out on the circuit speaking on behalf for better cybersecurity activities and policies.”
Winter cited numerous experiences in which he found CIOs became deathly afraid of potential holes in their corporate security, particularly in areas involving critical infrastructure.
In one example, Winter pointed to a nuclear energy producer which found two separate botnets operating within its network, while another engineering firm discovered its network was the source of a pornographic distribution network.
“There’s a lot of stuff out there that people don’t know simply because they’re not looking,” he said.
Winter commended Australian service providers for taking the lead in collaborating on cybersecurity measures - largely formulated out of industry watchdog the Australia Communications and Media Authority (ACMA) - but said large enterprises would ultimately be required to ensure their networks weren’t prone to corruption from botnet viruses or other potential shortfalls in security.
“In the long run the biggest threat to functioning democracies is probably the loss of intellectual property that is happening everyday because these things are not being tied down,” he said.
“Think about the amount of money put into developing new products, marketing and services - that is what keeps economic activity alive in Australia in a lot of ways. It’s going to be a very sad day when we realise a lot of these are coming from Beijing or somewhere else.”
Winter rattled off the common excuses from CIOs around security - “we don’t know what we don’t know”, “we don’t like what we now that we know it” and “we are spending too many resources fixing things” - but said these would ultimately have to be sacrificed in favour of a more proactive approach to securing cyber defences.
The NSA CIO’s concerns come as threats of targeted distributed denial of service (DDoS) attacks have increased in the public sphere of late, particularly against those groups tied to legal protection of intellectual property and copyright.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Five trends affecting legal CIOs
CIO Roundtable: The changing face of security
Bitcoin malware count soars as cryptocurrency value climbs
Bouncing Back From CIO Unemployment
Union slams latest fibre-to-premise trial in Tasmania
Chandler Macleod recruits new user virtualization platform
One of Australasia’s largest and most successful recruitment and human capital management companies share their success story after recruiting a user virtualization platform, giving them control over the users and devices that have access to specific applications.
Cloud-Based Mobile Device Security Streamlines Data Protection
Read this white paper to learn why cloud-based security offers superior protection that meets today’s requirements for identifying and preventing access to malicious sites and applications while reducing management complexity and IT staff time and effort. This whitepaper discusses: • Increased use of mobile devices and the associated risks • Ways to address security challenges • Benefits of cloud-based anti-malware solutions
The Collaboration Paradox
In this whitepaper, we look at how new collaboration tools enable global executives to get more out of teams and make faster decisions. However, these teams feel restricted by outdated communication methods that lead to slower decision making and ultimately wasted time and money. Download to hear from the most enthusiastic adopters of collaboration tools and the benefits they have seen in their workplace.