Sunday, March 28, 2010

The Other Shoe Drops on Cybersecurity Legislation

With all the discussion about #cybersecurity legislation this week, a small but important story has gone largely ignored. On Thursday, the European Parliament called for the development of global standards for cybersecurity regulation, ending the current "ad hoc" international efforts http://bit.ly/buNBkC

The idea is to create broader legislation and regulation outside of the European Union. This represents an aggressive approach to controlling the many challenges around this issue, including global regulation and cooperation rarely seen or suggested. "Despite the borderless nature of the #Internet, international regulation of #online security does not yet exist, resulting in multiple abuses from small-scale theft and identity fraud to espionage and mass attacks that shut down a business or utility."

Meanwhile, a crucial piece of US #cybersecurity legislation is moving closer to becoming law after being approved during a Commerce, Science & Transportation Committee hearing Wednesday.

The #Cybersecurity Act, S. 773, aimed at protecting critical U.S. network infrastructure against cybersecurity threats by fostering collaboration between the federal government and the private-sector firms that maintain that infrastructure (#public/private partnership), is now on its way to the Senate floor.


The Cybersecurity Act calls for a revision of cybersecurity processes and oversight in government, the facilitation of public-private partnerships on keeping computer systems safe, the funding of cybersecurity research, and the hiring of more cybersecurity specialists. Companion legislation that would create the national cybersecurity adviser position -- the National Cybersecurity Advisor Act, S.778 -- is still pending before the Senate Committee on Homeland Security and Governmental Affairs.

This past February saw the passage of a House cybersecurity bill called the Cybersecurity Enhancement Act of 2009 (HR 4061), first introduced by Rep. Daniel Lipinski (D-IL) last year. That bill funds research and development for a comprehensive cybersecurity plan that would involve the cooperation of several federal agencies http://nyti.ms/bEQpCk

So where is this conversation going? Global, I think, but with the United States and Europe leading. Perhaps they have the most to fear and/or protect. After all, it appears these governments have the biggest target on their backs. This will take a while to wind itself through the legislative processes that be, but the future is clear. Governments have finally heeded the alarm bells, and they are responding.

Monday, January 25, 2010

Why San Diego and Maryland Should Work Together on a National Cybersecurity Effort

Recently Maryland stepped forward publicly to say that they want to become "the Silicon Valley of cybersecurity". In a report published by the state, Governor Martin O'Malley says that Maryland has the assets, including a "cluster" of required IT capabilities, to support the federal government's growing cybersecurity requirements.

The report, titled "CyberMaryland," cites Maryland's higher education, R&D, technology workforce, and base of businesses and government agencies as reasons it's well suited to play a central role in cybersecurity.

I applaud Maryland's proactive approach and suggest that San Diego become part of this dialog. Instead of competing with Maryland, I suggest that we reach out and partner with the state to support their efforts while bolstering our own prospects as a West Coast beacon on cybersecurity. In combating the problem of cyber security, many cities and states must emerge as leaders of cyber, and Maryland and San Diego have first-mover advantages.

San Diego is well suited to lead cyber from the West Coast, nationally and even internationally, due to its unique characteristics as a community. Collaborative law enforcement, military presence, world-class universities focusing on cyber, a border with Mexico and many other factors favor San Diego as a center of cyber excellence.

Governor O'Malley says that "Maryland is poised to lead the nation's war on cyber crime." O'Malley serves as co-lead on homeland security for the National Governors' Association Public Safety Task Force and on the U.S. Homeland Security Advisory Council.

Included in the Maryland report is a proposal to establish, via federal funding and a public-private partnership, a National Center of Excellence for Cybersecurity in Maryland. Potential components will include a "new technology incubator, testing labs, education, and training."

The report also recommends aligning Maryland's cybersecurity initiatives with those of the Obama Administration and developing the state's "brand" as a cybersecurity epicenter.

Maryland does have several advantages in this pursuit. The state is home to more than 50 federal facilities and a dozen military installations. Several government agencies involved in cybersecurity are headquartered in Maryland or have facilities there, including the National Security Agency, Intelligence Advanced Research Projects Activity, and National Institute of Standards and Technology. The DOD's Defense Information Systems Agency plans to relocate to Fort Meade in Maryland next year.

Defense Secretary Robert Gates issued an order last June to establish the U.S. Cyber Command, with a purpose of centralizing the U.S. military's cybersecurity operations. At the time, Gates indicated that Maryland was a preferred location.

While Maryland is well positioned on the East Coast, San Diego is well positioned to serve the needs of the West Coast. We also have a cluster of IT-related technologies, but our real strength comes in the form of collaboration.

In helping to organize San Diego around cyber as part of ESET's Securing Our eCity "Model City" project www.securingourecity.org, I have seen stakeholders from government, private and non-profit, education, and military step up to support San Diego's need to organize around cyber.

Sunday, January 24, 2010

Securing Our eCity "Model City" Stakeholders Meeting Attracts 100 Leaders from Around the US

We are excited to share a near-overwhelming and positive response from private and public entities from San Diego, the State of California and Washington DC regarding our Securing Our eCity – Model City Project meeting being held this Wednesday, January 27th at the SDSU Alumni Center in San Diego.

We have over 100 high-level stakeholder participants already confirmed. Representatives from the U.S. Department of Homeland Security; Secretary of Emergency Management Agency for the State of California, Mr. Matt Bettenhausen; State of California, Chief Security Information Officer, Mark Weatherford; Attorney General, Karen Hewitt; The Honorable Mayor of San Diego, Jerry Sanders; and industry leaders including representatives from AT&T, Sempra Energy, SAIC, Barney and Barney, Intuit and many more, will be present for our interactive discussion on San Diego becoming a model cyber secure city.

We see the SOeC Model Cyber City Project as foundational to the national success of community-based cyber security initiatives in 2010. During the first week of December 2009, the Securing Our eCity (SOeC) and National Cyber Security Alliance (NCSA) held seventeen meetings and touched twenty-nine organizations in San Diego. Fundamentally, we have gained support from the five segments that comprise a city and will allow us, with their engagement, to build out a model cybersecure city template which can be rolled out across North America. The five groups include:

· Government
· Law enforcement
· Education
· Industry
· Community

All key stakeholders have agreed to meet in January and further build the foundation for the model cyber city. We have another twenty to twenty-five organizations that our current stakeholders recommended that we reach out to and potentially invite to join our stakeholder meeting.

We are very excited that you and fellow leaders from the federal, state and local agencies, industry, non-profit associations, law enforcement and our greater San Diego community are able to join us at the Securing Our eCity – Model City Project meeting on 27 January 2010.

We look forward to the participation of all these public and private groups this week in an interactive discussion about how to make San Diego a "model" for cyber security awareness, preparedness and education throughout the nation.

Meeting details:
Securing Our eCity – Model City Project
SDSU Alumni Center
55th Street and Hardy, San Diego, CA
Grand Ballroom

Noon – 5PM
Reception following immediately until 6:30PM

Third Time is a Charm - 3rd APWG/NCSA Online Messaging Convention Meeting

Recently I attended the 3rd APWG/NCSA Online Consumer Messaging Convention meeting in Seattle, WA. This meeting was graciously sponsored by Microsoft. The focus of this working group has been to meet the important challenge laid out by the Obama Administration, http://preview.tinyurl.com/n9jobu

The Online Consumer Messaging Convention was formed as a public/private partnership to craft and propagate essential online safety messages for the general public. Like the "Smokey the Bear" and "Friends Don't Let Friends Drive Drunk" campaigns, a new cyber security ad campaign will seek to create broad awareness and education among the US population about the importance of cyber security best practices.

The Coalition continues to expand to include new members keen on creating a unified cyber security message. The Coalition includes private companies such as Microsoft, Google, Facebook, MySpace, Intuit, SAIC, Paypal, Verisign, Symantec, McAfee, ESET, RSA, Costco, Wal-mart, and association and government members such as National Cyber Security Alliance, Anti Phishing Working Group (the primary organizers of this effort), American Banking Association, US Chamber of Commerce, FTC, IRS, Department of Homeland Security and The White House.

At this meeting, we focused on selecting a quality organization to help lead the development of the actual unified message for cyber. Several RFPs were collected by companies interested in creating the message on behalf of the organization. Proposals were presented and verbally supported by the 3 finalist groups.

While the first 2 working meetings have focused on group organization, establishment of a clear and concise agenda and education of Coalition members about the issues involved, this meeting is getting to the key work the Coalition set out to do.

This has included educational presentations about cyber security education by Carnegie Mellon University http://preview.tinyurl.com/66lvtt and Palo Alto Research Center http://www.parc.com/, legal advisement around legal entity and IP matters, and cause marketing by The Ad Council http://preview.tinyurl.com/dandg7

The next meeting will take place at the end of RSA in San Francisco on March 5th. This group continues to be a strong example of the power of public/private partnership in addressing the complex issues around making the US a cyber safe nation.