Online Security, a global provider of computer forensics and information technology risk mitigation since 1997   Original Source:    http://www.technewsworld.com/perl/story/32145.html Tech Security Chiefs Form Alliance Author:  By Brian Krebs "We really do need to work together, because it's in the interest of all to improve the lot of all," Oracle's CSO Davidson said. "Hackers who are colluding against us are definitely cooperating a lot more than we are right now." Nearly a dozen top technology luminaries are lending their star power to a new think-tank that will look for ways to elevate the status of chief security officers in the private sector, a move that they say will go a long way toward improving Internet security. The Global Council of Chief Security Officers was formed by former White House cybersecurity adviser Howard Schmidt, who said it helps fulfill a promise he made after leaving the Bush administration earlier this year to make Internet security a top issue in the business community. "I committed to the White House that when I returned to the private sector I'd make sure this stays as a front page item for corporate boards and for everyone else," said Schmidt, now the chief security officer of online auction giant eBay (Nasdaq: EBAY) . The White House's cybersecurity strategy, released in February, contains plenty of requirements for the federal government to secure its own computer networks but only features recommendations for the business community. The problem with that, say technology experts, is that too many corporations do not devote adequate money and other resources to computer security even though they control 85 percent of the nation's vital networks. CSO Relatively New "This whole concept of a CSO is a relatively new thing," Schmidt said. "Ten years ago (chief information officers) had sort of an ill-defined role where many companies didn't know where to put them and how to fund them, and we're seeing much the same thing today in the security space as well." Schmidt assembled a group with an array of impressive credentials to press for more resources for network security operations, including Microsoft Corp. chief security strategist Scott Charney, encryption pioneer and Sun Microsystems security chief Whitfield Diffie, Oracle (Nasdaq: ORCL) Corp. Chief Security Officer Mary Ann Davidson and MCI's Vint Cerf, widely considered the "father of the Internet." "We really do need to work together, because it's in the interest of all to improve the lot of all," Oracle's CSO Davidson said. "Hackers who are colluding against us are definitely cooperating a lot more than we are right now." The council also will consult with technology vendors and industry groups to help design more secure products for the next generation of the Internet, Schmidt said. Cerf said that the council should also encourage more compatibility between different and competing technologies. Failure to do so, especially as the Internet grows into even more of a commercial medium, could prove damaging to online networks. Efforts Underway "Many of us have a long-term connection with the Internet and an interest in seeing it survive well into the 21st century, and there is a great deal going on that could potentially threaten its stability," said Cerf, who also serves as chairman of the board for the Internet Corporation for Assigned Names and Numbers (ICANN), the group that oversees the Internet's addressing system. In the early 70s, when Cerf helped develop the communications rules that allow computers to talk to one another through the Internet, the network was used mostly by a small number of trusted researchers and specialists who were responsible for maintaining its health and security. Today, the caretakers of the Internet have expanded to include millions of businesses and home users. In addition, an onslaught of hackers, viruses, worms and junk e-mail continuously use inherent weaknesses in those communications rules, which were never designed with security in mind. Efforts underway to replace the old standards with more secure rules can mitigate those threats, but only if a significant number of businesses and governments building and retool their networks, said Sun's Diffie. Schmidt said he hopes the group can live up to its name by expanding its membership outside of the United States. First Meeting in January The council will hold its first meeting in San Jose in January and a CSO summit in San Francisco the following month. U.S. CERT , a new partnership between the Department of Homeland Security and the CERT Coordination Center -- a government funded security watchdog group at Carnegie Mellon University in Pittsburgh -- will oversee the council's day-to-day activities. Other security chiefs in the group include Motorola's Bill Boni, Dave Cullinane of Washington Mutual, and Rhonda McLean from Bank of America, as well as former Citigroup security head Steve Katz and Will Pelgrin, director of the New York State Office of Cyberspace Security. The council is on the web at: www.csocouncil.org