Saturday, June 19, 2021

Security Gurus to Schmidt: Less Talk, More Action

The security community is doubtful that the newly formed Global Council of CSOs will

actually aid, or even make much of a difference to, IT managers working night and day to

secure their own companies.

The council, which was formally announced at a San Francisco press conference Wednesday

afternoon, is made up of senior high-tech security executives from major corporations, like

eBay, Motorola, MCI, Microsoft, Citigroup, and Bank of America. The 10 members will form a

think tank focused on encouraging dialogue between the members, as well as between the

corporate sector and government agencies.

”We’re looking to enhance cyber security, technology, economic prosperity and national

security interests,” said Howard A. Schmidt, former White House cyber-security advisor and

a founding member of the council. ”This group represents a pretty comprehensive base of

depth of experience and depth of understanding of the issues we deal with… One of the best

things we can do is to continue the dialogue.”

But some security experts say dialogue among a few corporate executives isn’t what is

critically needed right now.

”I don’t know if this will really benefit anybody, to be honest with you,” says Keith

Peer, president and CEO of Central Command, an anti-virus company based in Medina, Ohio.

”These people are from very large companies. What concerns them is uniquely related to

major corporations. But large companies make up a very small percentage of the Internet

users in the world. They are dwarfed by the individual users, and the small- and

medium-sized enterprise users.

”I’d like to see a think tank that focuses on the majority of Internet users,” adds Peer.

What Dan Woolley, a vice president at Computer Associates International Inc., would like to

see is a council of people who have the skills, and the time, to make things happen in

Washington.

”It’s the who’s who of security, but I’m wondering what this group is going to do,” says

Woolley. ”What we need is a strong lobbying group. I don’t see these guys going to

Washington and shaking up The Hill and that’s what we really need done. These are executives

at eBay and Microsoft and Bank of America. Are they going to have to do anything except get

together one a month and have dinner and talk shop?”

Woolley adds that simply getting some heavy hitters in the same room just isn’t what’s

needed in a time when viruses and spam are exploding, and patches for software bugs are

coming faster than IT managers could possibly handle.

”You have a bunch of really smart security guys sharing information among themselves.

That’s great, but how is that going to help everyone else?” asks Woolley. ”What are you

going to do, Guys? Are you building policies that are exportable? Are you crafting

technology? Talking is a lofty goal, but what is the real purpose? What are you going to

really do for everyone?”

Ken VanWyk, a principal at KRvW Assoc., LLC, a Virginia-based IT security consulting and

training company, says the council could be beneficial — to the members.

”There’s going to be passing of information at these meetings that wouldn’t be done over

email,” says VanWyk. ”A professional colleague might give you a heads up about legislation

coming down the pike or an incident that you might not be aware of. It’s informal,

high-level discussions. These are some pretty big companies that are going to be helping

each other.”

VanWyk says it doesn’t expect the benefit to trickle down to companies outside of the

council, but he notes that the companies involved are large and affect millions of people.

”I have a tremendous amount of faith in Howard Schmidt’s ability to pull this off,” says

VanWyk. ”I would expect you won’t see a whole lot of press releases coming out of this. The

important things they accomplish will be quietly handled.”

Similar articles

Latest Articles

3 AI Implementations That...

I was on a joint educational call for the World Talent Economic Economic forum on mobile computing this week. We drifted to topics that...

Survey of Site Reliability...

NEW YORK — Site reliability engineers (SREs) are warning of a looming scalability ceiling and saying the adoption of AIOps isn’t happening at a...

Druva Integrates sfApex to...

SUNNYVALE, Calif. — A maker of software for cloud data protection and management is helping companies safeguard essential customer data that their sales and...

Best Data Science Tools...

Data science has transformed our world. The ability to extract insights from enormous sets of structured and unstructured data has revolutionized numerous fields —...