If you’ll pardon a bit of editorialism for a moment, I’d like to comment on some of the talks given at the RSA show in San Francisco this week.
There are dozens of talks and panels at the RSA show, many expertly covered by media outlets such as SC Magazine and Wired.com. But I’d like to relate a brief impression from a colleague and I from the first ‘big stage’ appearance of new White House Cyber Security Coordinator, Howard Schmidt, who attended and spoke on several separate occasions.
It is well-known in both the security market, and the political arena, that sometimes the way to motivate people is to use ‘scare tactics’. That is, discussing what might happen if we don’t take threats or security measures seriously.
Having been in the security business for a while, I often refer to security management as ‘selling earthquake insurance’. It is very difficult to measure the importance of something like insurance or security without painting worst-case scenarios.
There has been a lot of disaster speculation in the news recently with respect to product reverse engineering, data security, and protection of national infrastructure and cyber security. The latest is from a White Paper issued from the Cyber Secure Institute (CSI), authored by Retired General Eugene Habiger and released on Monday. A summary of the report and its criticism of policy inaction was summarized in an interview with General Habiger by SC Magazine. In his White Paper, General Habiger does not shy away from disaster speculation or its most common metaphors, stating explicitly right in the introduction:
“Our failure to proactively address this threat risks a digital Pearl Harbor or 9‐11.”
While hundreds of other blogs publish their take on the pending announcement of Howard Schmidt to the post of White House Cyber Security Coordinator, I would like to make a brief comment on where our efforts are currently being spent on the Acalis secure processor in the overarching effort to make internet activities more secure.
Ever since the Center for Strategic and International Studies published their recommendations for Securing Cyberspace for the 44th Presidency (which was itself preceeded by a great amount of analysis and study), the press has been awaiting the designation of a ‘Cyber Security Czar’ by the Obama administration. The long wait for an appointee and the escalating drama of this position, and whether it has the right amount of administrative and directive power to fulfill its mission, has had a chilling impact on an industry struggling to come up with products and processes to meet our national security needs. Continue reading