US lessons for UK on IT security

Howard Schmidt, the former Microsoft director appointed by US president George W Bush to create a national strategy to protect...

Howard Schmidt, the former Microsoft director appointed by US president George W Bush to create a national strategy to protect critical USIT systems, has urged the UK to follow his country's lead by drawing on the security expertise of business and the IT industry.

Schmidt, vice-chairman of the Critical Infrastructure Protection Board, said the US government had learned important lessons from consulting with industry and achieved a level of buy-in from the private sector that would not have otherwise been possible.

Speaking before the publication of the latest draft of the US National Strategy to Secure Cyberspace, Schmidt said businesses had made significant improvements to a document that the White House had considered to be a final strategy.

"When we started we were pretty close to having what we considered to be the final strategy. As we started getting more feedback from more organisations, it raised more questions. Doing that gave us a better document that is more widely accepted," he said.

The UK's Office of the E-Envoy, which announced plans to create its own cybersecurity strategy last May, is expected to put a document out for consultation sometime this year, though exact timescales are uncertain following recent staff changes.

The latest version of the US strategy gives the federal government more of a back-seat role, placing industry at the forefront of protecting the internet. However, the government will encourage investment in security research and standards.

One of its key objectives is to improve security across US government departments. Chief information officers will have to report directly on their progress on security to the Office of Management and Budget, and no IT projects will be approved without an IT security plan.

Read more on IT risk management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.