Page 37 - index
P. 37
most of those devices manufactured somewhere in Asia--typically China or Taiwan, a different
set of competitive, political and privacy issues are seen.
According to a recent New York Times article, China recently established draconian regulations
forcing tech companies (including Microsoft and Cisco) to reveal secret source code, to submit
to invasive audits and business practices that compromise sensitive IP through malware attacks
and hardware backdoors built in to Chinese made products.
Our invitation only event, held on National Data Privacy Day, featured Dr. Larry Ponemon,
founder of the Poneman Institute, Ryan Gillis, former director of legislative affairs and
cybersecurity policy of the National Security Council Staff at The White House now Vice
President of Government Affairs and Policy for Palo Alto Networks
; Mike Coomes, Director of DoD International Cybersecurity & Internet Governance; Peter
Evans, VP of the Center for Global Enterprise; Mark Weatherford of the Chertoff Group and
other industry experts and practitioners.
There were several key findings from the day. First, the security industry needs to do a better
job of educating consumers about IoT and steps that protect sensitive personal information
online. At the same time, we need to urge industry to engineer better and more secure
products.
Many of our experts agree that there is going to be a need for government regulations that must
be examined right away in conjunction with the business community. If we wait too long, we’ll
be faced with the same problems the Obama Administration has today—attempting to solve the
problem through “jawboning” and coercion rather than working together with the security
industry from the beginning to develop viable solutions within the next three to five years.
The time is rapidly approaching were we may ask why things aren’t connected to the Internet
rather than why they are connected.
The Federal Trade Commission recently unveiled its report on IoT, concluding that it is still too
early for legislators to craft data privacy and security protection laws specific to Internet-
connected devices and products. Considering the amount of time necessary to arrive at the
right protection laws, there isn’t really a sound reason to wait.
The fact that they are even considering a delay means that we haven’t done a good enough job
alerting members of the Administration, Congress, business, and consumers to the problem—
let alone any attempt at communicating the possible solutions.
The conference was designed to be interactive in order to generate some intriguing and
potentially actionable ideas. Dr. Larry Ponemon of the Ponemon Institute designed scenario-
based group exercises that assigned subgroups the responsibility for a specific role for
consumers, consumer protection advocates, manufacturers, law enforcement, the legal
community and members of the manufacturing supply chain.
The findings of the exercise will be made public through videos and white papers, co-authored
by Dr. Ponemon and Pell Center Fellow Francesca Spidalieri.
37 Cyber Warnings E-Magazine – March 2015 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
