Speaking to CIOs in Chicago – What the Next 12 Months Look Like

August 20, 2013 — Leave a comment

Tomorrow I have the honor of speaking with CIOs in a meeting to discuss how business leaders will need to engage in cyber defense over the next 12 months.  Thanks to sponsors  HP, FireEye, McAfee, and Paragon Micro – a value added reseller of security, networking, and data center products. As I prepare, there are a number of things happening out there that make this an interesting time to be attending such an event.  Phyllis Schneck, a vice president and chief technology officer for the public sector at McAfee, was just named deputy undersecretary for cybersecurity, working along with DHS on how to tackle the rising concerns of cybercrime.

This is especially a concern in the private sector where innovation tends to be a primary focus and the target of those governments looking to cash in on American innovation.  “Washington has struggled of late to determine how heavy a hand it will take in dealing with the private sector,” writes Danny Yadron of The Wall Street Journal.  “One contentious issue is whether the government should set minimum standards that companies in key industries like banking and energy should meet in order to protect their networks from cyberattacks. Companies generally want to set up their own criteria.”

The more mid market companies ignore these threats, the more government is going to insist on imposing new rules.  From what I can tell, this won’t stop with banking and energy – but will likely expand over time into mid-market manufacturing, service providers, transportation, and more.  The problem is, when government gets involved, the regulations are usually costly but not well thought out. We end up with rules that don’t actually make sense.  For instance, it’s illegal to bathe a horse in your bathtub in North Carolina where I live.  It’s also against the law to plow your field with an elephant.  Why?  Because the lawmakers reacted to something rather than thinking through to the best way to address the root issue.

Cybercrime is far more than a technical issue.  Tomorrow afternoon I will be addressing some of the most important trends, along with mindsets and culture that must be developed inside an organization to better protect against this impending doom of bureaucracy driven by growing surreptitious cyber threats.  Security must be addressed first, at the top, where the digital assets are created and assigned value.  From there IT and security groups will gain the support they need to get the job done.

© 2013, David Stelzl

Advertisements

No Comments

Be the first to start the conversation!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s