Make Security a National Priority

By Chris Preimesberger  |  Posted 2008-04-08 Print this article Print

Coviello said that the recommendations of his research group are clear. They align the practitioner with the business and align the implementation of security with the risk.

"At most companies today, security projects are being driven by compliance and audit, so what a surprise that they don't have alignment with the business! Security practitioners are not working on business problems; they are working on regulatory issues," Coviello said.

He called for more aggressive action on a number of fronts to help enable innovation, and offered some recommendations:

"First, Congress should pass a breach notification law that creates one federal standard for notifying consumers should a breach of personally identifiable information occur, and establish national baseline standards for safeguarding sensitive information," he said. "Right now there are 40 separate state bills. Makes no sense."

Coviello went on: "Second, we need more government investment in education to produce better trained programmers and security professionals, the human resources we are in dire need of. And third, if we want to enable innovation with more innovative security we need to spend more on research. When you consider the stakes, cyber-security research should be a high priority."

Thinking security

The RSA president then called for a "thinking security" approach.

"This requires a different breed of technology. We must look beyond tools that blindly lock down data toward mechanisms that can understand information and safeguard it intelligently throughout its life cycle," Coviello said.

"From targeted advertising, to Internet search, to online book recommendations, our daily activities are empowered by a growing computer understanding of human discourse and behavior. Thinking security is about co-opting this intelligence to bring new flexibility and strength to information protection."

Coviello said. the idea of "thinking security" cannot be independently accomplished. It is interdependent on and with the IT infrastructure and should be just one element of that infrastructure.

"The rise of thinking security will mean that information-centric security is a reality that will catapult security to a new plane where it is widely seen as an accelerator of innovation," Coviello said.

Chris Preimesberger Chris Preimesberger was named Editor-in-Chief of Features & Analysis at eWEEK in November 2011. Previously he served eWEEK as Senior Writer, covering a range of IT sectors that include data center systems, cloud computing, storage, virtualization, green IT, e-discovery and IT governance. His blog, Storage Station, is considered a go-to information source. Chris won a national Folio Award for magazine writing in November 2011 for a cover story on and CEO-founder Marc Benioff, and he has served as a judge for the SIIA Codie Awards since 2005. In previous IT journalism, Chris was a founding editor of both IT Manager's Journal and and was managing editor of Software Development magazine. His diverse resume also includes: sportswriter for the Los Angeles Daily News, covering NCAA and NBA basketball, television critic for the Palo Alto Times Tribune, and Sports Information Director at Stanford University. He has served as a correspondent for The Associated Press, covering Stanford and NCAA tournament basketball, since 1983. He has covered a number of major events, including the 1984 Democratic National Convention, a Presidential press conference at the White House in 1993, the Emmy Awards (three times), two Rose Bowls, the Fiesta Bowl, several NCAA men's and women's basketball tournaments, a Formula One Grand Prix auto race, a heavyweight boxing championship bout (Ali vs. Spinks, 1978), and the 1985 Super Bowl. A 1975 graduate of Pepperdine University in Malibu, Calif., Chris has won more than a dozen regional and national awards for his work. He and his wife, Rebecca, have four children and reside in Redwood City, Calif.Follow on Twitter: editingwhiz

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel