Businesses have the primary responsibility for ensuring security on the Internet, said Electronic Data Systems Corp. (EDS) Chairman and Chief Executive Officer Dick Brown Monday, but there also must be a high level of cooperation between businesses and governments worldwide to enhance security.
Brown said there is a striking diversity of cyber crimes being committed, from hacker attacks and break-ins to viruses, and from piracy to denial-of-service attacks. Preventing them is critical to the health of the digital economy because information must be protected or no one will trade it, said Brown in a keynote speech to the Information Technology Association of America's (ITAA) inaugural global information cyber security conference.
"One of the things we all know as policymakers and business executives is that we cannot afford for the digitial economy -- the Internet and all the 'e' connections beyond it -- to remain as vulnerable as it is today," Brown said. "We know this dynamic medium is of considerably less value if it is not secure, reliable and always available."
Businesses in all industry sectors should establish mechanisms for information sharing in the event of an attack. Information Sharing and Analysis Centers (ISACs) that have been established in the U.S. are a good example, and Brown encouraged participation in them, but said it should be voluntary, and the centers should be led by industry.
He also said governments should assess how and to what extent information about a threat can be shared with industry, while at the same time avoid increasing regulations.
In addition, he said businesses and governments must step up to the challenge together and invest in planning and information assurance services. Governments worldwide should clarify criminal laws that pertain to cyber crime and include industry in international agreements to fight cyber crime, he said. He also stressed coordination so the investigative demands of law enforcement in one country do not violate the laws of another country.
Another critical concern of industry is the short supply of experienced security professionals. EDS is addressing the issue internally through its Cyber Security Institute, which trains new and current EDS employees who have transferred to the company's security services group, Brown said. He added that the institute soon will be open to people from outside EDS.
On the margins of the two-day conference the ITAA released the results of a poll on Americans' concerns about the security of government computers. According to the results of the poll, Americans are concerned about the privacy of the personal data they share with the government and about the government's overall ability to maintain computer security.
Sixty-three percent of the 1,000 people polled by telephone between Sept. 30 and Oct. 3 said they were less likely to provide personal data to the government because of their security concerns. The poll also showed that twice as many people trust business more than government to do a better job of protecting data.
EDS, in Plano, Texas, can be reached at http://www.eds.com/ITAA, in Arlington, Virginia, can be reached at http://www.itaa.org/