World-renowned cybersecurity chief, Howard Schmidt, yesterday called on the business community to overcome fears around disclosure, which continue to hinder the reporting of security breaches.
Schmidt said businesses need to send a clear message to the "bad guys" that they will report, investigate and prosecute.
"Let them know we will hunt them down wherever they are in the world," he told delegates attending AusCERT's Asia Pacific IT security conference on the Gold Coast.
The former FBI agent, vice chair of the U.S. President's Critical Infrastructure Protection Board, and White House special cybersecurity advisor delivered a passionate keynote on the international state of information security including the wins, the losses and the work that still needs to be done.
Schmidt, who currently heads up R&H Security Consulting LLC, talked about the correlation between the Internet today and naval wars 400 years ago.
In 1588, he said, the British fought the Spanish on the high seas to win control of shipping lanes.
"The key was to keep the shipping lanes open for commerce; it is exactly the same with the Internet we need to keep it available to do business," Schmidt said.
"The rise of phishing and online crime will continue to increase with thousands of new pieces of malware every day.
"But cyber crime is becoming more targetted and more covert so we need to bring our knowledge to a more strategic level."
Schmidt said Internet users exceeded the one billion mark at the end of 2006.
"It won't take another 20 years to get to the two billion mark with the proliferation of mobile devices and things like IP-enabled fridges," he added.
Schmidt said in enterprises today there are no longer debates about the use of intrusion detection, anti-virus or firewall provisioning.
"These technologies are institutionalised in IT operations, they are part of the mainstream and built into everyday operations," he said.
From a business perspective, he said there are a number of issues organizations should be worried about.
"Where are the threats coming from? Foreign governments. This is because it is a very competitive global environment," Schmidt said.
To make his point, he referred to a media interview where a journalist asked a senior government figure of a European nation if there was any spying being done on other governments.
"The official said no, but when the reporter asked about spying on the private sector the reply was very interesting," Schmidt said.
"The official said, if it costs 20 million Euros to buy an aircraft, and if we can steal that information and build it ourselves for five million Euros, then that is good for the country.
"Never under-estimate Intellectual Property threats to acquire business information, as it is clearly a threat we need to worry about."
Other threats listed by Schmidt included human error, the cybercriminal economy and natural disasters.
"Natural disasters can have a dramatic impact on our ability to do business, we need to look at how we can be more resilient," he said.