Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

RSA president questions government's role in cybersecurity

Martyn Williams | April 30, 2015
The president of one of the world's biggest computer security vendors says he is skeptical that a stronger government role in cyberdefense will abate the growing number of attacks.

The president of one of the world's biggest computer security vendors says he is skeptical that a stronger government role in cyberdefense will abate the growing number of attacks.

In an interview with IDG News Service, Amit Yoran, president of RSA, also rejected calls by U.S. intelligence chiefs for industry to tread carefully in deploying more encryption in case it cuts off their ability to eavesdrop on communications by suspected criminals.

"The government is not the answer here," he said, when asked about White House proposals for sharing of cybersecurity information. Despite the growing severity of attacks and a feeling that the government should "do something," the issue is best left to private companies, because they are the ones developing networks and the technology that defends them, he said.

"Nobody is going to say information sharing is bad, but I've yet to see what is being asked to share by whom, for what purpose, to which parties, how will it be protected, how will it be used and then what is the value proposition back for sharing information," Yoran said.

Instead, he said the government might better help by sharing some of its own threat intelligence with the private sector.

Yoran's comments might come as a surprise to some. A graduate of the U.S. military academy at West Point, he served in the Department of Homeland Security as national cybersecurity director for a year in 2003 and also helped found the Defense Department's Computer Emergency Response Team. He's been at RSA since 2011, when it acquired NetWitness, a company he started in 2006.

The proposed information-sharing hubs are part of the government's response to the devastating cyberattack on Sony Pictures Entertainment last year. Less than three months after that attack, they were proposed by President Obama at a White House Cybersummit at Stanford University in February.

As envisioned, they would feed information into a central government clearing house that would coordinate among industries and various arms of government.

U.S. industries are bombarded with thousands of attacks each day, but these usually only make headlines when a large amount of personal information is stolen. Millions of Americans experienced the result of attacks last year when they had credit and debit cards reissued in the wake of breaches at retailers such as Target and Home Depot.

Despite acknowledging that the situation seems to getting worse with regard to cyberattacks, Yoran is also firmly against the government gaining the ability to block Internet traffic.

"Do we imply that the government is going to be intercepting and blocking what they believe to be attacks?," he said. "Unless you are operating the system and you own the system and you know what it's for ... I don't see how you can have any government entity take an operational role in defending the networks themselves."

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.