Auditing firms Deloitte & Touche, KPMG,
PricewaterhouseCoopers, and Ernst & Young joined White House
cyber security advisor Howard Schmidt at the RSA Conference in San
Francisco to drum up support for improved public and private
efforts to help secure the US information
infrastructure.
Each of the professional services firms pledged to lend their
information security expertise toward TechNet's in-the-works Cyber
Security Practices Adoption Campaign. The initiative is designed to
foster awareness surrounding "business survivability" issues in the
computer age, involving risk assessment, contingency planning, and
mitigation techniques, said TechNet president and chief executive
officer Rick White.
Featuring collaboration with the Internet Security Alliance
(ISA) and powered by a TechNet CEO Cyber Security Task Force, the
project is committed to building a baseline of defined standards
for use by senior managers to be able to test their company to
figure out if it is meeting set goals of preparedness for computer
security.
According to White, the baseline TechNet best practices list is
due to be released later this year.
"We feel there’s a sense of urgency here," said White. "We’re
going to challenge companies to meet a goal by a particular date –
the goal for the private sector the government has issued to
us."
In his role as the special advisor to the president for cyber
security, Schmidt said the US government has “some concerns” about
the nation’s underlying IT infrastructure, such as DNS servers and
protocols, which are in the hands of the private sector.
"Clearly time is of the essence. It’s been a long time to get
people on board with this. Up until the denial-of-service attacks
[in early 2000], this was not a boardroom issue," said Schmidt.
"We have not fully realised the potential and capability of what
the internet can do for us."
Schmidt said the government is unlikely to impose sanctions on
organisations that do not comply with TechNet’s baseline standards,
but rather those who do not comply will feel the brunt of
customers' mistrust and disinterest in their products or
services.
TechNet’s CEO Cyber Security Task Force features executives from
Courion, Cyber-Ark Software, Guardent, Hewlett-Packard, Kleiner
Perkins Caufield & Byers, Netegrity, Palm, Qualys, RSA
Security, Start-Up Partners, Symantec, VeriSign, TippingPoint
Technologies, and Wind River Systems among others.