On Monday, I was in wind-swept Brussels for the Global Forum 2011 ― a yearly get-together for business and government leaders to discuss the impact of IT on democracy and society.
I spoke on one of the first panels of the day called ‘Data Governance: information assets, security and protection’. There were several good speakers, ranging from an intellectual property lawyer to a member of the European Parliament.
I started off my speech by talking about how consumers are shifting more and more towards mobile broadband and how, in turn, mobile broadband is serving as a catalyst for tremendous change enabling new technologies such as cloud computing, the Internet of Things or M2M, social networking, the smart grid and others that are improving the way we live and work.
However, these trends are challenging both network service providers and policymakers. For service providers it is driving a need for significant additional network investment in infrastructure to keep up with the demand and obtain the necessary spectrum to support the dramatic growth in mobile. And as we rely more and more upon these services in our everyday lives it raises a series of concerns around security and privacy which must be taken seriously both by the private sector and by governments.
This includes issues around security in the cloud, how to extend security to mobile devices as we increasingly see more workers who want to bring their own IT to work or “consumerization”; how governments and the private sector can share information to better prevent attacks; how to encourage industry security standards; how to make online transactions more secure, international cooperation to address cyber threats and how to keep our kids safe online. These are just some of the policy issues swirling around these emerging technologies.
These are difficult issues and we should neither ignore these issues nor let them needlessly prevent us from using these technologies. What is needed is for stakeholders in both the private and public sectors to address these challenges in a proactive, coordinated way.
For example in the area of cloud security the private sector has taken many steps to address security, reliability and interoperability in the cloud through such groups as the Cloud Security Alliance. And there has been extensive activity in standards bodies to develop cloud interoperability and security standards. And in the mobile space GSMA and other organizations having been looking into privacy issues around the use of mobile applications and services.
One imperative for governments should be to help better educate users. For example in terms of cybersecurity many of the threats are distributed through social engineering schemes. Educating users of the risk online will help empower them to help themselves.
In the end what is evident is that consumers want and will continue to use these technologies. We cannot stop this trend. Thus what is important to keep in mind is that we need to strike the right balance between giving consumers adequate protection and ensuring that at the same time we don’t unnecessarily impede new technology.
by Chris Boyer
See also: Raising our game in cyber space
The post Making the security grade appeared first on AT&T Global Public Policy.