Wanted: Improved Security - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


Wanted: Improved Security

Companies and ISPs were urged by government and private-sector security experts at the RSA Conference to get tougher on network security, while software makers were advised to make security features easier to use.

Corporate boards and Internet service providers need to get tougher about protecting their networks against hacker attacks and viruses, and software vendors need to make security features easier to use, according to government and private-sector cybersecurity experts speaking at the RSA Conference this week.

In a keynote address at the cryptography and computer-security conference in San Francisco on Wednesday, Gen. John Gordon, assistant to the president for homeland security, called on software developers to improve their products' quality. A panel discussion on information security and corporate governance later that day included former White House cybersecurity adviser Richard Clarke, now chairman of Good Harbor Consulting, which advises companies on selling to the Department of Homeland Security and other government agencies; Richard Holleyman, CEO of the Business Software Alliance, an anti-digital piracy group; and Scott Charney, chief trustworthy computing strategy officer at Microsoft.

Among their remarks:

  • Clarke said last year was a "market failure" in cybersecurity, "and 2004 doesn't look much better," he said. In general, Internet service providers "do nothing about security. The market isn't forcing the ISPs to do anything about security--it's not a reason people choose one ISP over another."
  • According to Holleyman, "Information security isn't solely a technical issue." It requires management participation, he said, and corporate board members don't understand their roles and responsibilities.
  • Charney, a former Justice Department lawyer, said the spread of worms and viruses last year wasn't surprising--it takes the IT market a while to work against them. Most companies are using Microsoft software designed before threats like the SoBig and Blaster worms that spread across computer networks last year. Microsoft's latest server version of Windows, he said, prevents infected computers from spreading the worm to other machines. "It's going to take time to fix this problem, because the legacy systems weren't designed for the current threat model," he said. "We're in a tough situation, and it's likely to remain tough."
  • Gordon said the U.S. intelligence community needs to create "a new breed of cybersecurity analysts." Adding security features to home networks also is too difficult, he said. "The industry needs to make it easy for users like me, who are reasonably technically competent, to set up security and encryption features." And if the software industry got tougher on quality assurance, it could close off paths of cyberattacks.
  • We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
    Comment  | 
    Print  | 
    More Insights
    State of the Cloud
    State of the Cloud
    Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
    Get Your Enterprise Ready for 5G
    Mary E. Shacklett, Mary E. Shacklett,  1/14/2020
    Modern App Dev: An Enterprise Guide
    Cathleen Gagne, Managing Editor, InformationWeek,  1/5/2020
    9 Ways to Improve IT and Operational Efficiencies in 2020
    Cynthia Harvey, Freelance Journalist, InformationWeek,  1/2/2020
    Register for InformationWeek Newsletters
    Current Issue
    The Cloud Gets Ready for the 20's
    This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
    White Papers
    Twitter Feed
    Sponsored Live Streaming Video
    Everything You've Been Told About Mobility Is Wrong
    Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
    Sponsored Video
    Flash Poll