HackSurfer Talks Obama, Encryption With CEO Blech
After Snowden, Will Tech Companies Trust Government?
It is not a big secret that tensions between the U.S. government and tech community exist. President Obama acknowledged the government’s tenuous relationship with the tech community and Silicon Valley in an interview with Kara Swisher, a representative of Re/code.
“I think it is accurate to say that my relationship with the tech community and Silicon Valley historically has been very good. Many of these folks are my friends… but what is true is that the Snowden disclosures were really harmful in terms of the trust between the government and many of these companies in part because it had an impact on their bottom lines.”
Some experts agree with President Obama that the Snowden disclosures have contributed to mistrust between the tech community and government.
“From the IT world’s perspective, which tends to be libertarian, the government doesn’t understand IT and therefore its attempts to regulate and threatens to kill the golden goose,” said Michael L. Whitener, Partner at VLP Law Group. “From the government’s perspective, Silicon Valley has little respect for government institutions, and its meritocratic focus tends to ignore the need for everyone to contribute to the common good. The tension between the two worlds was brought into sharp focus by the Snowden affair: Silicon Valley treated Edward Snowden like a hero, while the U.S. government regard him as a traitor.”
Edward Snowden’s effect on the relationship between government and the tech world seems to be a common denominator, but other experts point out specific issues besides Snowden that lead to mistrust and complications.
“In short, the U.S. government has hurt the U.S. tech industry with its lack of protections against foreign actors,” Joan Pepin, CISO of Sumo Logic, said. “[The government] has hurt us with its unreasonable surveillance programs. It has hurt us with unreasonable search warrant rulings that have eroded the trust between foreign companies and U.S.-based technology companies. Now the government wants us to spend precious time and resources and budget we don’t have to share data with them so they can do what? They are asking a lot and promising nothing in return. The real solution is continued training and recruiting of highly skilled infosecurity professionals to foster innovation that keeps security technology at pace with threats.”
Robert Hansen, VP of WhiteHat Labs at WhiteHat Security, shows his displeasure and frustration with government through their proposed amendments to the Computer Fraud and Abuse Act (CFAA).
“The amendments made to CFAA and various recent case law precedents are extremely unlikely to have any positive effect on security. It is far more likely to cause more harm than good, and has to some extent proved to have a chilling effect on computer security research. Effectively, doing research has become criminalized and now it is just a matter of how it will be enforced. Hopefully, it is eventually overturned under the Fourteenth Amendment, which provides for equal protection and makes selective enforcement illegal constitutionally, but for now, computer security research has been largely criminalized in the United States.”
Support for Government Involvement in Cybersecurity?
Even though support for government from the tech world is a little shaky, there are experts who support the government’s efforts. One expert references a recent speech given by president Obama about utilizing strong encryption.
“We applaud President Obama for seeing where a key component of the massive epidemic of breaches lay,” said Richard Blech, CEO of Secure Channels. “Clearly the country cannot continue to just react after each breach instead of creating a plan for protection in advance.
Blech continued: “Our valuable sensitive data needs to be protected with the deepest and strongest encryption available. It is time for a call to action within the cybersecurity leadership and the community. The government cannot do this on their own. The technology already exists, let’s make a plan to use it.”
Norman Comstock, a managing director at Berkeley Research Group LLC, also says the U.S. government should be involved.
“There has been tremendous attention to high profile data breaches impacting consumers and businesses in recent months. The speed and frequency in which these attacks are occurring has certainly galvanized the U.S. government into action. Executive orders notwithstanding, cybersecurity is a growing and global issue. Each breach is a crime for financial, political or ideological gain. Therefore, it is clear the U.S. government should be involved to coordinate enforcement and prosecution of cybercrimes. More must be done to help on this side of the equation.”
Comstock says three things will present a challenge:
Overcoming public mistrust over past disclosures of unwarranted or non-transparent surveillance of citizens
Imposing laws that further impact consumers and businesses to be responsible for compliance with new standards and disclosure requirements which may not be within the financial wherewithal of those impacted
Latency or poor collaboration caused by hesitation to coordinate with law enforcement for fear of attribution and the stigma that may ensue throughout an investigation
One thing is clear, the US government is now involved with cybersecurity. No matter what side of the fence tech security experts reside, resolving and preparing for the future of cybersecurity will now be a team effort.
Find the original article here.
For more articles on Secure Channels Inc. and CEO Richard Blech, visit the Secure Channels website.