TNNI: Exclusive Interview With BSA’s Robert Holleyman: Cyber Crime Has ‘Financial and National Security Implications’

This was written by Brynn Koeppen on Sunday, September 13, 2009, 23:38.

President and CEO of the Business Software Alliance, Robert Holleyman, sat down with TheNewNewInternet to presented his thoughts regarding the Obama Administration’s cybersecurity plans, as well as how business executives should begin to prepare for a shift in the cybersecurity industry. Mr. Holleyman further cited some sobering statistics regarding the rising lucrative business of global cybercrime.

TheNewNewInternet: What are your overall thoughts regarding the Obama Administrations cybersecurity plan?

Robert Holleyman: We thought the plan did an excellent job at laying out the foundation on the types of challenges that are presented to the U.S. both from a government and private industry prospective. It was comprehensive and laid the right foundation; I was pleased to be one of the many industry and private sector organizations that had the opportunity to provide comments during that review process. So by our accounts, it’s absolutely the right foundation and we look forward to working with the administration and Congress.

TheNewNewInternet: How should the private sector prepare for the growing emphasis of cybersecurity under the new administration?

Robert Holleyman: The issue of cybersecurity is something that has to be given attention within every organization; everyone who uses the Internet needs to be aware of the need for cybersecurity.

TheNewNewInternet: What are your thoughts on the cybersecurity government-industry partnership?

Robert Holleyman: So much of the national infrastructure is held by the private sector, the estimates are held as high as 80, 85 %, and so it is absolutely critical and essential that the government is in cooperation with the private sector. The government can’t do this alone. The statements from senior officials, including the President, recognize that important role. The challenge for all of us is to simply to make that commitment a reality in the day-to-day, month-to-month dealings with the area of cyberspace.

We also know that the US is the top country for Internet malicious activity; about 23% of all malicious cyber activity involves the US. It is not just kids looking to achieve some notoriety or fame, businesses have now moved to a world of international criminal networks. The threat has been increasing, it has become increasingly serious and the financial and national security implications are increasingly serious.

TheNewNewInternet: How should the government approach the question of increasing security while preserving privacy, civil liberties and innovation?

Robert Holleyman: At the release of the 60-day review in May, the President said quite clearly that the government would not be involved in monitoring private sector networks or Internet traffic. He was also quite clear on the need for more research and development in the field of cybersecurity and how the private sector has a leadership role in all of these issues. We thought that the statements were not only encouraging but also correct.

TheNewNewInternet: What is your assessment of global crime in cyberspace?

Robert Holleyman: We’ve seen that global crime in cyberspace is going up and the overall number of attacks is growing substantially. According to Symantec, in 2008 there were almost 1.7 million new malicious code threats, 2-3 times more than in 2007 and almost 12 times more than in 2006. We also know that the US is the top country for Internet malicious activity; about 23% of all malicious cyber activity involves the US. It is not just kids looking to achieve some notoriety or fame, businesses have now moved to a world of international criminal networks. The threat has been increasing, it has become increasingly serious and the financial and national security implications are increasingly serious.

TheNewNewInternet: What is the next step for security U.S. cyberspace?

Robert Holleyman: The US is one of the most advanced nations in trying to address the nature of the threats. We are beginning with a position of strength in terms of recognition and challenge, but a lot more needs to be done and it needs to be done quickly. One thing I will note is that many of our companies now treat cybersecurity as part of the initial development process. Companies as well as universities are really working hard to train on the importance of cybersecurity. The change in the educational system coupled with the change we are seeing at the policy level leads us to believe we have a good basis to make a lot of continued progress.

TheNewNewInternet: Do you have any cybersecurity tips for CEO’s?

Robert Holleyman: Yes, two things. Every CEO should know that insuring the security of their network is fundamental to the continued smooth operation of their business and so that CEO needs to make it a priority to know that there are policies in place that are secure as they possibly can be; it will not happen without the direct recognition by the CEO and the boards of directors. With that said, there are a number of widely used security technologies that can be deployed but there is also a great organization called the National Cyber Security Alliance. NCSA has the staysafeonline.org website with great tips in for businesses, for consumers, for kids, regarding the area of cybersecurity. Business executives should use the website as part of their unique security checklist, catered to their own business.