Thursday, December 3, 2009
New Study Calls for Cybersecurity Overhaul in U.S.
The alliance, in a report released Thursday, also called for permanent international cybersecurity collaboration centers, new security standards for VoIP (voice over Internet Protocol) communications and programs to educate corporate leaders about the benefits of enhanced cybersecurity efforts.
Lots of groups have called for better information security education for students, but education for enterprise leaders is often overlooked, said Joe Buonomo, president and CEO of Direct Computer Resources, a data security products vendor.
"At some point, almost every public official who addresses this subject stresses the need to train our kindergarten to 12th-graders on this topic," he said. "In many instances, these officials also note the need to upgrade cyber expertise in the federal workforce. Something else is necessary."
The report, intended as a response to U.S. President Barack Obama's call in May for increased cybersecurity efforts, proposes to create more educational programs on risk management for C-level executives. ISA has already begun an education effort aimed at chief financial officers and other executives.
The report as a whole focuses largely on changing the economics of cybersecurity with incentives and other programs.
"When it comes to cybersecurity, all the of the economic incentives favor the attackers," said Larry Clinton, ISA's president. "Attacks are relatively easy, cheap, and the gains from them can be enormous. On the other hand, defense can be costly." Computerworld