National cyber security leadership starts now
– Enrique Salem is president and CEO of Symantec Corp. The views expressed are his own. –
We recently had the privilege of hosting Melissa Hathaway, cyber security chief at the National Security Council, at Symantec’s Government Symposium, our annual conference for public sector customers and government officials.
In one of her first appearances following the White House announcement of the 60-day cyber review results, which examined the country’s preparedness against cyber attacks, Ms. Hathaway outlined the report’s recommendations to help the United States achieve a more reliable, resilient, and trustworthy digital infrastructure for the future.
Development of the report is a reflection of the Administration’s commitment to addressing our nation’s cyber security and elevating it to the national priority that it deserves. We whole heartedly support President Obama’s efforts and appreciate his leadership on this initiative.
The report recommends that the president names an official who would be responsible for coordinating the nation’s cyber security policies and activities across government. This is a critical and necessary position that should be a senior adviser in the White House.
The recent mass denial of service attacks on the websites of various U.S. government agencies in early July, serves to emphasize the need and urgency for such a position to be created.
With that in mind, there are several actions that can taken by Congress right now – immediately – to increase the nation’s cyber security and to help the cyber security coordinator hit the ground running once that position is named by the White House.
Rising tide of cyber-crime shows why we need Web regulation
Michael Barrett is the Chief Information Security Officer at PayPal. He is on the advisory board of StopBadware.org, an anti-malware “neighborhood watch” led by Harvard University’s Berkman Center for Internet & Society.
In less than five years, Internet crime has changed from an anomaly of teenage vandals into a multi-billion dollar industry. Just one form of cyber crime, “phishing,” where criminals masquerade as trustworthy entities in e-mails and instant messages to steal private data, reportedly amassed $3.2 billion last year. Another form, spyware, where software surreptitiously monitors a victim’s online activity, prompted 850,000 U.S. households to replace their computers and inflicted damages totaling $1.7 billion, reported the Consumer Reports National Research Center State of the Net Survey.
At the same time, Internet usage has skyrocketed worldwide with 20 percent of the world’s population, or about one billion people, online today. It’s not hard to understand why the Internet’s popularity has continued to grow in the face of its threats. Could you get through your workday without e-mail or search? Could your kids make it to dinner without checking Facebook or sending a text? If you’re like most people I know, the answer is likely, “no way.”
We are socially and economically dependent on the Internet – a fact that makes us vulnerable in tough financial times. So, it may surprise you to know that no single entity is responsible for regulating the Internet or keeping its users safe.
Historically, Internet safety has relied on the goodwill of a few small actors such as non-profits like StopBadware.org, an anti-malware neighborhood watch led by Harvard’s Berkman Center for Internet & Society. Within the federal government, the Federal Trade Commission monitors Internet fraud and the Department of Homeland Security oversees a national cyberspace response system. The private sector, offering a host of cyber-security products and tools, and consumers also play a powerful role in keeping us all safe online. Companies such as my own employer, PayPal, invest substantially in the security of our own applications and infrastructure; we have state of the art fraud management systems; we work with law enforcement to catch, prosecute, and convict criminals whenever possible. But the persistence of the cyber-crime industry continues.
Although this deregulated approach to Internet safety has largely served us well over the past 15 years, some question whether it’s enough to tackle today’s burgeoning Internet crime industry. Indeed, what’s distressing is there is no reason to believe that Internet crime is under any effective control. This is not due to inertia or lack of interest. All of the trend lines reported by private industry and government continue to show growth “up and to the right.”
I am a successful online entrepreneur(publisher and digital films) who has used paypal for four years now. Merchants never see client card information, it is masked by layers of encryption. We never see any type of proprietary information except email address and shipping address, at clients discretion. While I do agree that there is cybe crime; this type of online rip off is a drop in the ocean compared to the wholesale looting of the Treasury that has occured on Wall Street during the last eight years.
Now those dudes are into some serious criminality . Trillions stolen. Peoples houses stolen, communities targeted and destroyed; whole States left in financial ruin. The biggest heist in history.
We need regulation. But no one needs it as much as the financial services industry does.
