Cyber security, Obama, and you
Inside the enterprise: The US President has called in tech CEOs for a pep talk on cybersecurity. Will it affect business?
The most powerful man in the world summoned some of our most influential business leaders for a meeting in the White House this week. The subject of Mr Obama's meeting with CEOs from defence, technology and banking: cyber security.
The US president is just the latest government leader to ask businesses to up their game when it comes to information security. In the UK, for example, the 2010 Strategic Defence Review promised the government would increase spending on protection for military cyber defence measures.
More recently, the Home Office, Foreign Office and security services wrote to the heads of FTSE 250 companies asking them to review their cyber security measures, and offer advice on how to improve their protection.
The definition of "critical" infrastructure is often wider than business leaders realise.
Governments are becoming more involved in cyber security for two reasons: cyber defence, as the risks increase that hostile powers will turn to the internet to mount attacks, and because disruption to civilian infrastructure by hackers can have far-reaching impacts.
Governments are taking measures to protect the infrastructure under their control, such as defence systems, communications, command and control and public administration.
But much of the day-to-day life of advanced economies depends on infrastructure that is in private hands: transport, banking, food supplies, energy and even some parts of healthcare.
Unless that infrastructure is protected, the consequences can be as severe as an all-out military assault, security experts argue.
Officially, the US government will not say which companies met with President Obama, although it is understood that it included some of the large banking groups, defence companies, and technology businesses.
The type of companies involved are those believed to be most at risk of cyber attacks, especially cyber attacks from foreign states.
The White House said the meeting was called so that the government could discuss better cyber security co-operation with the private sector heads. And that, security experts say, is something that does need to improve.
According to Ernie Hayden, principal for energy security at Verizon, the definition of "critical" infrastructure is often wider than business leaders realise.
Although some companies such as defence contractors or the main utility firms have long seen themselves as part of critical national infrastructure, or CNI, banking and distribution are now also viewed as vital to the smooth operation of the economy.
Systematic attacks against those companies, whether from nation states or cyber criminals, can be as disruptive as a strike against military systems. As Hayden points out, an attack against one bank would not disrupt the economy, but a co-ordinated attack against several would.
And, Hayden says, it is not just business and governments that need to co-operate more on cyber security; businesses also need to work together to share security information, even when they are usually commercial rivals.
That is a message that businesses, and IT directors need to take on board, whether it comes from M15, or the president of the United States.
Application security fallacies and realities
Web application attacks are the most common vulnerability, so what is the truth about application security?Download now
Your first step researching Managed File Transfer
Advice and expertise on researching the right MFT solution for your businessDownload now
The KPIs you should be measuring
How MSPs can measure performance and evaluate their relationships with clientsDownload now
Life in the digital workspace
A guide to technology and the changing concept of workspaceDownload now