Securing data in cyberspace is not easy. Just ask Sony, which has seen its systems repeatedly hacked in recent weeks, with personal information stolen from more than 100 million user accounts. Or ask Google and the hundreds of high-profile Gmail users who were recently hacked. Or even ask RSA, the security technology company, which had vital data stolen from its own systems several months ago — potentially compromising the security of some of its most sensitive corporate customers.
The challenge of cybersecurity is made even more complex by the rapid innovation and change in technology — change that is being accelerated by the introduction and growth of cloud computing solutions and services. A colleague of mine, echoing Dr. Seuss, noted that business users and consumers want their data to be available “here, there and everywhere.” The cloud makes that possible. But how do you secure “here, there and everywhere?”
Governments around the world are working to do their part to protect cyberspace. In the European Union, data protection regulations are being revised and Commissioner Neelie Kroes announced earlier this year the creation of a European Cloud Computing Strategy. In the US, Sen. Patrick Leahy (D-Vt.) yesterday reintroduced a bill that would require companies to protect consumers’ data and tell them when it has been compromised. The Obama administration also has recently unveiled a National Strategy for Trusted Identities in Cyberspace along with a series of recommendations on cybersecurity.
These are important steps. But, given the complexity of our challenges and the speed at which the landscape is evolving, the solutions we develop today need to be flexible enough to address the challenges we face tomorrow. Getting it right will take the concerted and coordinated efforts of industry and governments from around the world. Next week, at BSA’s European Cybersecurity Forum in Brussels, US and European policymakers and industry leaders will come together to tackle these very topics. I’m looking forward to the discussion and to coming up with ideas on how best to secure “here, there and everywhere.”