Governments should show security leadership

When it comes to the security of the Internet, it is the responsibility of all levels of government to show leadership and direction, according to a leading security expert.

“It is the government’s responsibility to encourage everyone to increase their security,” Simon Perry, the vice-president of security solutions for Computer Associates International Inc. (CA), said in an interview with IT World Canada. “The Internet is our shared neighbourhood. As an online community we will only get better when everyone increases their security. The government plays a role in that encouragement.”

Perry, vice-president of security solutions for CA, said part of that leadership role includes ensuring that the appropriate legislation is in place to catch and prosecute online criminals.

“Uniquely, it is the responsibility of the government to put in a legislative framework that ensures the laws are in place to investigate cybercrime along with the legislation that makes it appropriately illiegal,” he said. “That’s a big problem and in times past there has been no framework to investigate computer crimes and bring people to justice.”

Top Security Issues

As for security issues facing the government, Perry said the number one challenge is cost effective security management. Many end users are currently working with several security products from multiple vendors. The problem is that none of the products work together and that can be costly. The push to have a streamlined system is now underway.

“As a security administrator if you wanted to interact with all of theses systems there’s a high cost to that,” Perry said. “Now there is a focus on command and control around all of these systems.”

The second most critical security issue is the desire to fix security flaws that have come to light during recent system audits. New government regulations such as Bill C6, recent world events and malicious code attacks have been responsible for driving both sectors to conduct audits.

Perry said the third highest security issue governments face is the need for “highly secure communications.” Currently, governments are finding that they need to communicate in a secure environment when sharing information regarding issues such as finance, the military and citizen information. Perry added that the most unique aspect for government communications now is that security is being used to enable interaction and transaction as opposed to just keeping information safe.

Where’s The ROI?

As with any other aspect of IT, funding plays a key role in resolving security issues. And while a return on investment was important in the past, it is increasingly crucial in these tough economic times to show that a security solution will save money.

“Two years ago, the number one criteria was, ‘How secure is the solution or how much does this project increase my security?'” Perry said. “Today the number one criteria is, ‘Will this save me money or is it going to generate additional money?'”