And like people, most organizations – whether public or private – are hitting different stages, and to advance through those stages, companies, just like people, can use some help from one another along the way.
CSOs are hopeful about one particular form of aid – the Department of Homeland Security's recently announced reorganization plan that includes a new assistant secretary for cybersecurity and telecommunications. The person who fills this latest version of the DHS' IT security 'go-to' guy or gal will identify and assess telecommunications vulnerabilities, maintain timely threat data and head up national response to cyber/telecomms threats.
It's a position that security professionals have been trumpeting for some time.
Well before the departure of Amit Yoran, former director of the DHS' National Cyber Security Division, IT security leaders and many members of Congress wanted the government's security post to be much more visible and powerful. For them Yoran, though aggressively trying to affect change as the government's lead security guru, was too low in the hierarchy to really make a difference in public-private relations as they related to the nation's countless IT security needs. To many in the industry, the National Cyber Security Division position had little real influence.
As a result, long-sought-after partnerships stalled (leaving some to feel as if the government only came to private industry for information without giving any back) and real communication all but ceased. Many leading IT security professionals became jaded, reaching the conclusion that the DHS was not being the dance partner that private industry sought. For some time, a lead coordinator to oversee efforts with key verticals to safeguard critical infrastructure has been shamefully nonexistent.
This updated version offered up by DHS Secretary Michael Chertoff's reorganization now is the one to watch. Private sector security practitioners are now hoping to see real resolution to IT security problems confronting both the government and private sectors, two-way information sharing initiatives, and the coordination of efforts to protect the national infrastructure. Such efforts, with oversight by this newest leader, should be less entrenched in government bureaucracy and taken more seriously.
It appears to be the first right step in our collective IT security journey. Let's just skip the trip-ups this time.
Illena Armstrong is the U.S. editor