News

New Association to Raise Cyber Security Awareness

Security companies form coalition to combat growing threats of cyber- crime, cyber-terrorism.

(San Francisco) A new coalition of IT security companies has banded together to "speak with one voice" on issues affecting Internet security. Announced at RSA Conference 2004 today, the Cyber Security Industry Alliance intends to raise awareness of the industry, and has an ambitious agenda that includes affecting legislation and government regulation, creating education programs at all levels to train more security workers and developing industry technology standards.

"This is the security industry's time," said Art Coviello, president and CEO of RSA Security, at a press conference announcing the group's creation. "We're mainstream and critical, and it's time we had our own association.

"The country's faced with a serious threat of terrorism. A factor in that is cyber-terrorism," Coviello continued. The CSIA, he said, "can play a critical role in protecting the [IT] infrastructure of the country."

According to a press release, the CSIA will be organized by committees of member representatives, in four key areas: public policy, education and alliances, awareness and standards. Although the group's primary focus will be on the United States, there will be a global component; for instance, one of the organization's aims is to pursue Senate ratification of the Council of Europe's Convention on Cyber-crime.

"We've seen [cyber threats] become more severe, more complex and more costly," said Paul Kurtz, CSIA's executive director and a former special assistant to the president and Senior Director for Critical Infrastructure Protection on the Homeland Security Council at the White House. Kurtz believes that the public's confidence in cyber security may erode without concrete steps being taken.

Paul Kurtz, CSIA
Paul Kurtz, CSIA Executive Director (Photo: CSIA)

"We have crucial decisions being made now about the future of cyber security," Kurtz said, adding that CSIA will be involved in those decisions. "We will work with Congress and the [Bush] administration," and with governments at the local, national and global levels.

Kurtz also hinted at the alliance's laissez-faire attitude toward government legislation in the arena of Internet security. "We believe regulation can't be the primary means of securing cyber-security," he said.

Founding members of the CSIA include BindView Corp.; Check Point Software; Computer Associates International; Entrust, Inc.; Internet Security Systems, Inc.; NetScreen Technologies, Inc.; Network Associates, Inc.; PGP Corporation; RSA Security Inc.; Secure Computing; and Symantec Corp.

One company prominently absent from the roster is Microsoft Corp. Kurtz said that since the association is comprised of companies whose primary business is security, Microsoft wasn't a fit. Pressed on the matter, Kurtz said he's had discussions with Microsoft about the alliance, but hasn't asked them to join.

Kurtz said the CSIA doesn't have a specific political agenda. "Right now, we don't have a plan to establish a PAC (political action committee)," he said, but didn't rule out the possibility of forming one in the future to donate to political campaigns.

Asked about determining which goals would be pushed when there's a conflict among the CSIA's members, since many companies are competitors in the security space, Kurtz responded that like any other association, they "would have to work that out" among themselves.

It will cost a company $150,000 per year to be a Charter Member of the CSIA, and $60,000 to be a Principal Member. Companies with "a substantial business in providing Internet security hardware, software, or services," both U.S.-based and foreign, are encouraged to apply for membership, according to the press release. The organization has a Web site at http://csialliance.org.

About the Author

Keith Ward is the editor in chief of Visual Studio Magazine.

comments powered by Disqus

Reader Comments:

Tue, Jul 6, 2004 Arnnei New Zealand

It is a known fact today that the Internet Security is most vulnerable at the Login entry.
No SSL or other protocols will prevail if your Password is exposed.
The most secured and affordable methodology available today is the TFA (Two Factor Authentication) and OTP (One Time Password) generation.

These methods cost a bundle with today Token system. That is the reason only VIPs or very secured sites offer this level of security to their clients.

Change the Token system in a way that every organization can offer it to their customers, and you get a high level of security for everybody.

Mega AS Consulting Ltd (www.megaas.co.nz) has developed a new CAT (Cellular Authentication Token) that follows that thought. It is a new concept that enables new services such as eAuthentication. The CAT runs on a cellular, does not require SMS or any type of communication and can be installed (one time OTA) by any Service’s client. It does not cost the user anything.

With this in mind, Services can now offer the users the option to register to a secured OTP login, at their own time. The Service does not have to supply or manage the tokens. It is the users’ responsibility to join the secured service to secure his login.

The eAuthentication Service takes this approach even further. Since the user can choose to join the secured Login of the Service, the company providing the service does not have to buy the Authentication package anymore, they get the users authenticated at Mega AS Consulting CAT Authentication server by implementing a simple API.

This approach is new. It will change the whole industry and it is available now.


Wed, Feb 25, 2004 Mr. Mowrey West Virginia

Thank You!, It's about time that we come to our senes and start getting thing in order. For a long time I have ask that there be a constuition for the scyber space just like the one we have for our goverment. Maybe this is the beginning of the real thing. I hope that big business won't let that interfer with the way they set this up, it's not just for them but for every body that uses the system.

Add Your Comment Now:

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above

Redmond Tech Watch

Sign up for our newsletter.

I agree to this site's Privacy Policy.