WHO-like global cyber security group needed to tackle cyber threats: Kundra
- 15 February, 2012 16:04
Salesforce.com executive vice-president of emerging markets,Vivek Kundra.
The formation of a global cyber security group similar to the World Health Organisation (WHO) is required in order to share vital information, according to former United States Federal Government chief information officer, Vivek Kundra.
Speaking at the Australian Information Industry Association (AIIA) Summit in Canberra, Kundra, who is now executive vice-president of emerging markets for Salesforce.com, said the proposal came as a result of trying to securely manage 2094 data centres during his CIO tenure at the White House.
In-depth: Information security 2011 Research Report.
“In the context of federal [government] systems, we realised that with 2094 data centres we were not very secure,” Kundra said. “The fragmented infrastructure and uneven talent distribution in terms of managing those data centres was creating vulnerabilities.”
Another problem Kundra faced was US government officials sometimes believing that because they owned and operated the system, they were more secure. “If you think about national security, our [US] command and control infrastructures have been under attack since the days of the Pony Express,” he said.
As most of the world is now interconnected via the Web, Kundra said a WHO-like cyber security body could share information about risks and collaborate on a global level, much like the WHO does when assessing epidemics. “We can’t pretend that we live in a geographically constrained area when it comes to cyber security,” Kundra said. “The power of the internet allows you to plug into the global grid but also leaves you open to attack.”
In addition, Kundra outlined how he deployed a 'Cloud First' policy within the US Federal Government to cut down on what he deemed wasteful IT spending.
“We were spending US$80 billion on information technology, yet when we looked at the citizen experience, we realised that it was one of the worst because you either had to wait in line for government services, hold on the phone or submit a long paper form to get some of those services.”
To give government officials a clearer picture of spending, he developed an IT dashboard which shared the performance of every IT project, and budget expenditure.
Within weeks of the dashboard going live, the Veteran Affairs department halted 45 IT projects and terminated four of them.
“Cloud First forced an injection of consumer technologies into the enterprise and departments didn’t have to spend billions of dollars on upgrades but could move to a notion of service provisioning,” Kundra said.
Follow Hamish Barwick on Twitter: @HamishBarwick
Follow CIO Australia on Twitter: @CIO_Australia
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Why IT projects really fail
The enlightened CIO’s guide to running projects
Why IT projects really fail
Queensland government to provide 200 services online by 2015
Call Centers Suffer From Big Data Overload
Enterprise Mobility Management: Embracing BYOD Through Secure App and Data Delivery
The first response of many IT organisations to the influx of consumer-grade and employee-owned mobile devices has been to lock down and control every mobile device in the enterprise through mobile device management (MDM) solutions. Yet, the transformation of computing through mobility, consumerisation, bring-your-own device (BYOD) and flex-work offers powerful benefits for today’s organisations - but it poses significant challenges for IT. Download now to find out what is the best approach for mobility management.
Meeting Business Data Protection
When it comes to data back-up and recovery, the rules have changed. Virtualization has enabled IT organisations to become more efficient, but also more complex. This whitepaper addresses these new realities, and provides a comprehensive solution for virtual and physical environments, backup of applications and data, disaster recovery and replication of complete systems or applications, and for ensuring high availability of mission-critical services.
Pathways Course Curriculum 2014
Developed by the CIO Executive Council, Pathways is a unique, flexible, self-managed, self-paced 12-month professional development program that brings together best practices, thought leadership and business insights for today’s most promising ICT professionals. Pathways is designed and delivered by leading local and global CIOs; enabling participants to capitalise on mentor CIOs personal experiences, expertise and knowledge.