The UK Applies the Centralised Cyber Security Idea

June 23rd, 2009 by Agent Smith (0) endpoint security,In The Spotlight,security breach

It seems that the centrally managed cybersecurity plans are a catchy trend. Following White House announcement, the UK is planning to create a centrally managed cybersecurity agency. All the secret operations that are currently going down within the intelligence and security services – Ministry of Defence, Home Office, MI5, MI6 and GCHQ – will be centralized and handled by a separate institution.

The UK plan will be soon made public, sometime before the summer Parliament recess, according to the Register, and will be included in the government’s updated National Security Plan.

The idea of a cyber tsar role, initially launched by US President Barack Obama, might also be implemented by the EU.

“The European Commission is now encouraging member states to cooperate on digital wargames, to simulate attacks from outside the bloc. Commissioners have suggested a European cyber security tsar should be appointed.”

Obama’s Cybersecurity Plan and the IT Security Industry

June 5th, 2009 by Agent Smith (3) In The Spotlight,security breach

US President Barack Obama has recently announced a White House coordinated security plan against cyber threats and attacks. According to the New York times that discussed the presidential speech in detail, the new plan will be carried out without any intrusions in people’s privacy. Obama promised to bar the federal government from keeping a close and permanent watch over “private-sector networks” and internet traffic.

How exactly will the plan work and how will its goals be reached? This part is unclear. What we know is that the President will appoint a new “cybersecurity coordinator”, a person with direct access to Mr. Obama and who will hopefully manage to also mediate the dissensions between the several agencies dealing with cyberthreats at the moment, such as the Pentagon, the National Security Agency, or the Homeland Security Department. According to the same article in NYTimes, this coordinator will also act as “action officer” inside the White House during cyberattacks launched on the United States by both hackers or governments.

How does this new spotlight on cybersecurity affect companies? For a lot of US companies, it’s a dream come true, as they all hoped the President will do something about the growing number of attacks.

Many computer security executives had been hoping that Mr. Obama’s announcement would represent a turning point in the nation’s unsuccessful effort to turn back a growing cybercrime epidemic. On Friday, several said that while the president’s attention sounded promising, much would depend on whom he chose to fill the role.

What I think is important to note is that the Obama announcement comes after a major shrink in IT security budgets (caused by the economic downturn), when thinks are starting to look brighter. Mixed with the major security threats and data loss cases that storm in virtual and pring newspaper and magazine pages, it will all lead to an investment increase when it comes to effective security. Which will benefit both security solution developers and companies who will no longer be exposed to significant financial losses.

Another interesting aspect of the Obama speech was his revealing information on the cyberattacks his staff had to deal with during the presidential campaign. He spoke of hackers who managed to get access to emails and campaign files, such as position papers and travel plans. The White House has finally reached a conclusion all security experts have known for quite some time, very articulately put by the US President:

“in this information age, one of your greatest strengths — in our case, our ability to communicate to a wide range of supporters through the Internet — could also be one of your greatest vulnerabilities.”