RSA: Cybersecurity gets auditing boost

Auditing firms Deloitte & Touche, KPMG, PricewaterhouseCoopers, and Ernst & Young joined White House cyber security advisor Howard Schmidt at the RSA Conference in San Francisco to drum up support for improved public and private efforts to help secure the US information infrastructure.

Each of the professional services firms pledged to lend their information security expertise toward TechNet's in-the-works Cyber Security Practices Adoption Campaign. The initiative is designed to foster awareness surrounding "business survivability" issues in the computer age, involving risk assessment, contingency planning, and mitigation techniques, said TechNet president and chief executive officer Rick White.

Featuring collaboration with the Internet Security Alliance (ISA) and powered by a TechNet CEO Cyber Security Task Force, the project is committed to building a baseline of defined standards that senior managers can use to test whether their company is meeting set goals of preparedness for computer security.

According to White, the baseline TechNet best practices list is due to be released later this year.

"We feel there’s a sense of urgency here," said White. "We’re going to challenge companies to meet a goal by a particular date – the goal for the private sector the government has issued to us."

In his role as the special advisor to the president for cyber security, Schmidt said the US government has "some concerns" about the nation’s underlying IT infrastructure, such as DNS servers and protocols, which are in the hands of the private sector.

"Clearly time is of the essence. It’s been a long time to get people on board with this. Up until the denial-of-service attacks [in early 2000], this was not a boardroom issue," said Schmidt. "We have not fully realised the potential and capability of what the internet can do for us."

Schmidt said the government is unlikely to impose sanctions on organisations that do not comply with TechNet’s baseline standards; rather, those that do not comply will feel the brunt of customers' mistrust and disinterest in their products or services.

TechNet’s CEO Cyber Security Task Force features executives from Courion, Cyber-Ark Software, Guardent, Hewlett-Packard, Kleiner Perkins Caufield & Byers, Netegrity, Palm, Qualys, RSA Security, Start-Up Partners, Symantec, VeriSign, TippingPoint Technologies, and Wind River Systems among others.
