Now that the federal government has shown its cards on the issue of Internet security, a newly formed task force of security company executives is planning a response that it hopes will make some measurable progress in the effort to improve computer security.
The CEO Cybersecurity Task Force will by the end of this year release a set of best practices for network security that it hopes to convince corporations to adopt as a minimum standard. The task force plans to challenge other executives to have their companies meet these baseline requirements by a certain date, which has yet to be determined.
The hope is that peer pressure and a walk-before-you-run approach will entice laggard enterprises into shoring up their security.
"Its very important that we get this done," said Barry Bycoff, co-chair of the task force and CEO of Netegrity Inc., based in Waltham, Mass. "The baseline will obviously change each year. And we hope to get other organizations and consulting firms involved in advocating this."
The task force, formed last week, is a subset of TechNet, a national organization of technology industry CEOs, somewhat akin to a lobbying group, that works with legislators to help shape policy. In addition to developing the baseline security guidelines, the task force plans to work closely with government security officials to develop an efficient, workable plan for public-private information sharing of attack and threat data.
This is a hot topic both in Washington and in Silicon Valley, where corporate IT staffs see little to gain by divulging such sensitive data.
But Bycoff believes there is a middle ground that must be reached for the good of all concerned.
"The impact of these attacks can be greatly limited if an effective communication channel can be set up," he said. "Weve been very active in working with [government officials] on this."
The Department of Homeland Security, still in its infancy, has absorbed much of the governments information security infrastructure, including the FBIs National Infrastructure Protection Center, the Critical Infrastructure Assurance Office, the Federal Computer Incident Response Center and the National Communication System. Bycoff and others hope that this consolidation will ease interagency tensions and help promote better information sharing both within the government and between Washington and the public sector.
"In theory, thats a much more effective, more efficient way to do it," he said.
Latest Security News: