Former Department of Homeland Security Secretary Michael Chertoff voices support for the White House's plan to secure identities in cyberspace.
WASHINGTON - A recently announced Obama Administration plan to develop new and more secure online authentication methods is a much-needed development in securing cyberspace, according to Michael Chertoff, former Department of Homeland Security secretary.
Speaking at this week’s Visa Global Security Summit in Washington, Chertoff also urged more public and private sector cooperation in fighting cybercrime, emphasizing that a broad range of solutions, tested through trial-and-error, will be needed to combat cyberthreats.
Answering questions after his speech, Chertoff said the Obama administration’s new National Strategy for Trusted Identities in Cyberspace , which aims to develop new authentication solutions that would also consolidate numerous login credentials, comes at a time when passwords and similar authentication methods may be headed towards obsolescence.
Such methods are supposed to be secure and secret, but the more they’re used, particularly when accessing multiple user accounts, the weaker they become, said Chertoff, now chairman of the Chertoff Group , a risk management and security consulting firm.
The initiative—which will bring together industry groups, the Commerce Department, and other public- and private-sector organizations—is also a good example of how government can be effective in bringing widely differing organizations together to develop new security standards and technologies, he said.
But much more public/private sector cooperation is needed, said Chertoff. Both sides have significant experiences and capabilities that can greatly assist the other. Government strengths include law enforcement powers, intelligence, and experience from worldwide investigations.
The primary way the private sector can assist government may be in information sharing, he said. Knowledge of attackers and their methods, and effective dispersal of such information, is crucial in curbing cyber threats. Continuing advancements in solutions that can monitor networks for suspicious activity is a promising area of cyber security, he added, and can help generate even more valuable data.
But public and private sector cooperation has faced numerous challenges, he said, including insufficient trust and legal and other barriers to sharing sensitive information.
Organizations could also benefit by avoiding an excessive focus on certain kinds of existing or potential security strategies and techniques, he said. Some organizations focus too much on new technological solutions and neglect areas, such as training and educating end users on cyber risks, that can be an effective and low-cost approach.
♦ Photo of Michael Chertoff, then secretary of homeland security, by Marion Doss/Flickr