Robert Cook: Drastic measures needed

Watching the dead being hauled from the trains in Spain brings to mind our own vulnerability to faceless murderers. The physical security of the United States has become stronger since the tragic events of Sept. 11, 2001. The federal government reorganized to make homeland security one of its top priorities. Large U.S. cities, such as New York, hold regular safety drills to prepare for any unspeakable act that could be perpetrated in a large metropolitan area.

But in the area of data security and privacy, we've seen little similar action.

Terrorists are becoming increasingly sophisticated, using e-mail for much of their planning and communication. It's not a stretch to believe the reports that al

Qaeda plans to use cyberterrorism as one of its tools.

What is the easy solution? Establish a voluntary national authentication system. Shut down anonymous use of the Internet. Encourage government, businesses and citizens to use secure messaging. If we do so quickly, many problems will be solved at once and exposure to terrorism via the Internet will be reduced. Bombs are cheap and easy to use. It is planning their use that is difficult.

Safeguarding information is good business. It is also a government mandate, and legislators have had a profound impact on making government systems and communication more secure. But the government's cybersecurity response has been piecemeal.

What is needed is a more comprehensive solution — one that protects American consumers and business interests from spam, protects individual privacy, secures communication and business transactions and simultaneously protects and fosters e-business.

E-business correspondence frequently contains confidential information about health, finances, national security and research and development. These messages all require protection in the form of encryption and policy rules and guarantees that senders and recipients can be reliably authenticated.

Legislation that would spur businesses and consumers to use secure e-mail would, virtually single-handedly, eliminate spam and viruses. It would ensure that all personal information included in online transactions remains just that — personal and confidential. It would also create efficiencies of scale as more business and government transactions are handled

electronically.

Secure e-mail would dictate that any communication comes from a known and trusted party, who must be authenticated to send secure communication. The trusted authority that authenticates senders could be

a financial institution or a government entity that already has mechanisms in place to identify customers or constituents. There would be no need for complex infrastructure changes.

The technology to secure electronic communications exists today. It can be done without building isolated networks or monuments to authentication. The impetus to act is clear. We should do all we can to secure the Internet rather than waiting for a massive cyberattack to finally spur us to action.

Cook is chairman and chief executive of Sigaba, a provider of secure messaging solutions. He is also managing director of Royal Wulff Ventures, a venture capital firm that focuses on funding companies in their early stages.

Rising Stars

Meet 21 early-career leaders who are doing great things in federal IT.

Featured

  • SEC Chairman Jay Clayton

    SEC owns up to 2016 breach

    A key database of financial information was breached in 2016, possibly in support of insider trading, said the Securities and Exchange Commission.

  • Image from Shutterstock.com

    DOD looks to get aggressive about cloud adoption

    Defense leaders and Congress are looking to encourage more aggressive cloud policies and prod reluctant agencies to embrace experimentation and risk-taking.

  • Shutterstock / Pictofigo

    The next big thing in IT procurement

    Steve Kelman talks to the agencies that have embraced tech demos in their acquisition efforts -- and urges others in government to give it a try.

  • broken lock

    DHS bans Kaspersky from federal systems

    The Department of Homeland Security banned the Russian cybersecurity company Kaspersky Lab’s products from federal agencies in a new binding operational directive.

  • man planning layoffs

    USDA looks to cut CIOs as part of reorg

    The Department of Agriculture is looking to cut down on the number of agency CIOs in the name of efficiency and better communication across mission areas.

  • What's next for agency cyber efforts?

    Ninety days after the Trump administration's executive order, FCW sat down with agency cyber leaders to discuss what’s changing.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group