I recently had the fantastic opportunity to participate on a panel discussion concerning cyber security. The event was hosted by the Bellevue Chamber of Commerce and coordinated by the US Chamber of Commerce and the Department of Homeland Security. Last year the Bush administration launched the Comprehensive National Cyber security Initiative or CNCI. Although focused primarily on securing federal computer systems, it recognizes the need to work with the private sector as well. The US Chamber of Commerce and the Department of Homeland Security are holding regional roundtable discussions in conjunction with various chambers of commerce. I believe then next one is in late March in Ann Arbor, Michigan, followed by another in San Diego in April.
The event in Bellevue featured a government panel and a private sector panel with presentations by the Washington State Attorney General Rob McKenna and Rear Admiral Mike Brown. The government panel included:
• Rear Admiral Mike Brown, Acting Assistant Secretary, Office of Cybersecurity and Communications, DHS
• Major General Timothy Lowenberg, Adjutant General/Homeland Security Advisor, State of Washington
• Agnes Kirk, Chief Information Security Officer, Department of Information Services, State of Washington
• Bill Schrier, Chief Technology Officer, City of Seattle
This panel discussed the challenges that government faces with cyber security, including how to better share information with the private sector. The private sector panel included:
• Stephen Whitlock, Chief Strategist, Information Security, The Boeing Company
• Angela McKay, Senior Security Strategist, Trustworthy Computing, Critical Infrastructure Protection Program, Microsoft Corporation
• Randy Abrams, Director of Technical Education, ESET
Both panels placed education as the most critical element of cyber security. One of the questions that we on the private panel could not answer adequately was something to the effect of “How does a small business who can’t afford a fulltime security person take care of their cyber security needs. If any of you readers who own small businesses care to share your practices it would be great information to have. Sharing this type of information allows others o improve their practices, which benefits us all, and allows for feedback that can help you to improve your own security.
The whole point of the roundtables is to share information for the promotion of a more secure internet and a more secure critical infrastructure. Everyone from the home user, to the small business, to the giant corporations have a significant role in cyber security.
Director of Technical Education
Author ESET Research, ESET