In an open letter to the new President, BigFix CTO Amrit Williams claimed that it was ‘imperative that we take this opportunity to implement a vision for how the United States and the world will securely and efficiently maximise the value of technology for the betterment of all'.
Writing in a blog, Williams said: “From organised criminal elements who prey on our inability to secure our information technology assets, to state-sponsored espionage that undermines the foundation of our strong nation, we can no longer sit idly by and hope things will change for the better or occur without action on our parts. We must demand freedom in our digital age and eliminate the fear that challenges our prosperity.”
He went on to lay out four basic requirements that, he claimed, ‘all public and private sector organisations need to implement to cope with the dynamic information security threat environment in an increasingly interconnected and complex technology landscape'.
These were: real-time visibility and control into the detailed state of all computing devices; security configuration management; continuous policy compliance and enforcement; and support for mobile and intermittently connected devices.
Williams also asked that in the first 90 days of government, there should be a consolidation of the efforts of Federal government organisations with information security responsibilities into a single organisation.
Further, he requested that the government should accommodate the interests of the private sector in communicating security incidents anonymously and enable public and private sector actors to respond quickly to fast-emerging and newly discovered threats.
This would be done by the government increasing resources available to the Department of Homeland Security's US-CERT office and restructuring the information security intelligence reporting and information sharing that occurs between the various governmental and private agencies.
He also proposed the development of a ‘World CERT' organisation to expedite cross-country coordination, planning and incident response.
Finally, Williams requested that a cross-functional task force be created and headed by the Chief Technology Office. He said this should: “Develop an initiative that allows us to understand the full scope of the cyber security problem and define communications that can explain the problem across every sector of our society.”
See original article on scmagazineuk.com