W3C Valid XHTML 1.0
Cyber security and privacy must be balanced in new law

At the end of June, the Senate Intelligence Committee introduced the Cybersecurity Information Sharing Act of 2014, the latest variation of cybersecurity laws. Similar bills have failed to pass over the last four years, and in my opinion, rightfully so because of very reasonable concerns that they were overly broad in their power to potentially discard privacy and trample individual rights. 

The failure of these bills doesn’t mean nothing is being done. Much is happening behind the scenes, and it is a good thing to balance the interests of many groups before any bill becomes law. We need both privacy and security, and neither can truly exist without the other.  

These poorly drafted bills illustrate the pressure for broader efforts to thwart current and future foes that will use cyber warfare tools to attack our digital infrastructure. Security experts are understandably concerned about current-generation security efforts to protect our data as The Internet of Things evolves. Heartbleed is an example of why it’s important to shore up our security and pay more attention. Still, on-premise solutions based on old technologies are not inherently more secure, as Target now knows, thus the pace of innovation continues. More businesses and individuals are moving data to public, hybrid and private clouds, which can — in many cases — offer better security in more tightly managed environments. Users will accept some risks to make progress, and we all want to ensure our data is safe, not only from hackers, but from unreasonable searches. 

Doña Keating of Professional Options (also a co-founding member, past president, and current sponsor of West Sound Technology Association) recently attended tech, talent gap, and cybersecurity policy meetings at the White House as a Voices for Innovation leader. As evidenced by existing articles and blogs on the subject by the senior White House officials who addressed the group, the need to define what level of cyberattack constitutes a national security threat is something industry experts will debate for some time to come. The decisions can be made easier if a common language is used to describe both the threat space and security methods, and if public and private sectors work together to protect our infrastructure – which is vital to our future economy. 

Michael Daniel, special assistant to the President and cybersecurity coordinator at the White House, has written about the unique challenges to cybersecurity. It is not a physically defined space and lacks traditional borders. There is no interior to cyberspace. Also, unlike other efforts where international cooperation leads to greater adoption, some governments see the Internet as a threat and something to be controlled. Because of these divergent interests, a global forum or effort will not likely take the lead in addressing cybersecurity issues.

The good news is that a vibrant discussion is taking place to both provide better security and privacy. Despite the likely failure of the most recent bill, and recent breaches of security and privacy, these events keep everyone engaged towards getting the balance right. 

• Charles Keating is president of Keating Consulting Service, Inc. (www.kcsco.com), an IT consulting firm serving global clients since 1983. He is also a partner in K2 Strategic Solutions (www.k2strategic.com) and Professional Options (www.professionaloptions.com), and current president and co-founding member of West Sound Technology Association (www.westsoundtechnology.org).

 

 
ABOUT THE AUTHOR
Charles Keating's picture
Status: Offline
Member Since: 3-31-2009
Post Count: 13
Comments