Cybersecurity needs a global rethink, and fast, Dell’s CEO Michael Dell and Services CIO, Jim Stikeleather, have warned experts at the EastWest Institute Worldwide Cybersecurity Summit in the US.
In separate presentations and briefings, the men developed the theme of piecemeal reactions to the rapid rise of crymber-criminality, which included economic crime and direct threats to critical infrastructure.
The message was unusually blunt. Governments haven’t done enough and have fallen into the trap of seeing matters in a narrow, national way. Meanwhile, the security industry has been content to sell products without asking whether security was properly embedded into the way products are developed.
“Governments and private industry need to work collaboratively to develop the appropriate international framework to secure cyberspace. We should all do this in a way that keeps our global information central nervous system intact and secure,” said Michael Dell.
For its part, Dell will now join the Information Technology Sector Coordinating Council (IT SCC), which coordinates how the tech industry should help protect critical infrastructure in the US.
“There is a preponderance of evidence that indicates cybercriminals could inflict major outages to portions of our critical infrastructure with minimal effort,” echoed Jim Stikeleather.
Interestingly, he also suggested that the US management of the Internet may need an overhaul.
“ICANN manages the assignment of domain names and IP addresses, headquartered in California, is heavily US centric. There is a need to have more global participation on domain management as well as the future planning and next generation infrastructure needed to address the changes that will affect the Internet usage in years to come,” he said.
For a major PC vendor, especially a US one, to chime on the failure of government and perhaps the free market is an unusual event. That a PC vendor even has an opinion is unexpected.
What precisely Dell and Stikeleather are advocating in concrete terms is harder to assess beyond the obvious points about overcoming sclerotic bureaucracies and self-interested vendors. As with critics before them, they advocate education, education and more education, but such things take time.
What would help volume vendors such as Dell is more commoditisation, simpler technology and the ability to impose some sort of security hierarchy on people, data and systems without introducing more complexity.
"There's a certain dead element of cybersecurity, it's essentially an afterthought and not built into the Government equipment. Therefore, because of that, the technologies we have in place are almost indefensible. So we're constantly patching the cracks and filling the holes,” said Stikeleather.