CIOs needs to be proactive in security: NSA
- 06 October, 2010 15:57
A former CIO and deputy director of the United States National Security Agency (NSA) has urged CIOs to become more proactive in their approach to corporate security consciousness.
“They’re just now getting their hands wrapped around this problem,” Dr Prescott Winter, who spent 27 years with the NSA, told CIO.
“But I’m afraid many of them are still reactive. The ones who have been burned are extremely proactive, they’re really leading the charge and many of them who have been burned are actually out on the circuit speaking on behalf for better cybersecurity activities and policies.”
Winter cited numerous experiences in which he found CIOs became deathly afraid of potential holes in their corporate security, particularly in areas involving critical infrastructure.
In one example, Winter pointed to a nuclear energy producer which found two separate botnets operating within its network, while another engineering firm discovered its network was the source of a pornographic distribution network.
“There’s a lot of stuff out there that people don’t know simply because they’re not looking,” he said.
Winter commended Australian service providers for taking the lead in collaborating on cybersecurity measures - largely formulated out of industry watchdog the Australia Communications and Media Authority (ACMA) - but said large enterprises would ultimately be required to ensure their networks weren’t prone to corruption from botnet viruses or other potential shortfalls in security.
“In the long run the biggest threat to functioning democracies is probably the loss of intellectual property that is happening everyday because these things are not being tied down,” he said.
“Think about the amount of money put into developing new products, marketing and services - that is what keeps economic activity alive in Australia in a lot of ways. It’s going to be a very sad day when we realise a lot of these are coming from Beijing or somewhere else.”
Winter rattled off the common excuses from CIOs around security - “we don’t know what we don’t know”, “we don’t like what we now that we know it” and “we are spending too many resources fixing things” - but said these would ultimately have to be sacrificed in favour of a more proactive approach to securing cyber defences.
The NSA CIO’s concerns come as threats of targeted distributed denial of service (DDoS) attacks have increased in the public sphere of late, particularly against those groups tied to legal protection of intellectual property and copyright.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
How to Switch From iPhone 5S to BlackBerry Z30 (and Why)
CIOs to Become In-House Brokers -- and That's a Good Thing
The future of computing
10 Hot Hadoop Startups to Watch
The future of computing
The CIO Paradox
As there are timeless leadership principles underlying IT value, there are unfortunately also timeless challenges that thwart the IT organisations efforts and make for a rocky path to CIO success. These are the inherent contradictions we call the CIO Paradox.
The Future of IT: From Chaos to Service Automation
Technology has become the heart and soul of every business, but IT workload and system complexity become more challenging. This whitepaper details the future of IT, the major challenges facing CIOs, and the three ways to transform IT so CIOs can lead the way.
Empowering Modern Finance - The CFO as Technology Evangelist
The CFO as Technology Evangelist is a research report commissioned by Oracle and Accenture, in collaboration with Longitude Research, that explores how modern CFOs and finance executives are adopting emerging technologies within their finance functions to enable the development of new capabilities and to transform the role of finance.