BOSTON -- Companies are in a better position than the government to defend the homeland and there's plenty of money...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
to make in the process. Trouble is, many executives and IT professionals don't think of themselves as foot soldiers in the War on Terror.
Kenneth Minihan, a retired Air Force lieutenant general and former director of the National Security Agency, delivered that message Wednesday at Converge05, a conference Framingham, Mass.-based ID management firm Courion Corp. held for its customers.
"During the Cold War, we ceded national security to the government," said Minihan, now a principal of the Paladin Capital Group's Homeland Security Fund and president of the Security Affairs Support Association,
He said companies often miss that point because their main focus is to make money. But they can do their part to protect the national infrastructure and make business boom in the process. After all, Minihan said, companies that show they're serious about preventing data theft and other attacks improve their stature among potential clients.
"As you build your business base, remember that you can make money, be wildly successful financially and still contribute to the security of the national infrastructure," Minihan said. How? By developing and adopting technology people can trust, he said.
"To ensure trust in technology we must have five key service offerings: authentication, privacy, nonrepudiation, data integrity and the confidence that we can repeat the good user experience," Minihan said. "Today there's a lack of trust in modern technology. Critical infrastructure is inadequately used in the context of the technology out there today."
ID management a core ingredient
Insight into where that trust is needed most can be found in recent headlines about big U.S. enterprises acknowledging the theft or loss of data affecting millions of people. "One of the greatest concerns in the business world today is the question of whether you are who you say you are," Minihan said. "We used to talk about forensics, being able to tell when something has happened. Today, you're looking at moving toward preventive technology over descriptive technology." The threat of identity theft is a primary reason, he added.
In the end, ID management is about trust, he said. Companies that work to develop and/or adopt the best ID management technology play a role in homeland security by making it harder for data thieves to penetrate their infrastructure. Meanwhile, potential customers see that their private information will be protected if they do business with that company and business can grow.
"With identity management you can be profitable" while keeping the bad guys out, Minihan said.
A bridge between government and private enterprise
Minihan's comments come on the heels of a recent report by the Government Accountability Office [GAO] that takes the U.S. Department of Homeland Security [DHS] to task for not doing enough to reach out to the private sector.
The report said the agency "has not fully addressed any of the [key] responsibilities" related to cybersecurity and national security "and much work remains ahead." There's a growing risk that large portions of the national infrastructure "are either unaware of key areas of cybersecurity risks or unprepared to effectively address cyberemergencies," the report said. "Further, DHS continues to have difficulties in developing partnerships -- as called for in federal policy -- with other federal agencies, state and local governments, and [the] private sector."
David A. Powner, director of information technology management issues at the GAO, wrote the report and listed outreach to the private sector as a top priority. "We need a national threat assessment," he said. "That would be of great value to the private sector."
In an interview after his speech to Courion's customers, Minihan agreed the agency has more work to do. But as he told his audience, the private sector also has room for improvement.
"I agree DHS must be more open, but the business community must also reach out to DHS," he said. "Businesses need to be clearer on what they need from the government so they can play a greater role in homeland security."