Cybersecurity gets auditing push at RSA

Auditing firms Deloitte & Touche, KPMG, PricewaterhouseCoopers, and Ernst & Young joined White House Cyber Security Advisor Howard Schmidt at the RSA Conference on Tuesday to drum up support for stepped up public and private efforts to help secure the nation’s information infrastructure.

Each of the professional services firms pledged to lend their information security expertise toward TechNet’s in-the-works Cyber Security Practices Adoption Campaign. The initiative is designed to foster awareness surrounding “business survivability” issues in the computer age, involving risk assessment, contingency planning, and mitigation techniques, said Rick White, president and CEO of TechNet.

Featuring collaboration with the Internet Security Alliance (ISA) and powered by a TechNet CEO Cyber Security Task Force, the project is committed to building a baseline of defined standards for use by senior managers to be able to test their company to figure out if it is meeting set goals of preparedness for computer security. 

According to White, the baseline TechNet best practices list is due to be released later this year.

“We feel there’s a sense of urgency here,” said White. “We’re going to challenge companies to meet a goal by a particular date – the goal for the private sector the government has issued to us” through the National Strategy to Secure Cyberspace.

In his role as the Special Advisor to the President for Cyber Security, Schmidt said the U.S. government has “some concerns” about the nation’s underlying IT infrastructure, such as DNS servers and protocols, which are in the hands of the private sector.

“Clearly time is of the essence.  It’s been a long time to get people on board with this. Up until the denial-of-service attacks [in early 2000], this was not a boardroom issue,” said Schmidt.  “We have not fully realized the potential and capability of what the Internet can do for us.”

Schmidt said the government is unlikely to impose sanctions on organizations that do not comply with TechNet’s baseline standards, but rather, those who do not comply will feel the brunt of customers’ mistrust and disinterest in their products or services.

TechNet’s CEO Cyber Security Task Force features executives from Courion, Cyber-Ark Software, Guardent, HP, Kleiner Perkins Caufield & Byers, Netegrity, Palm, Qualys, RSA Security, Start-Up Partners, Symantec, VeriSign, TippingPoint, and Wind River Systems, among others.