I’m very much looking forward to attending the upcoming Gov 2.0 Summit. The summit’s origins and purpose are as follows.
“Over the past fifteen years, the rise of the World Wide Web has resulted in remarkable new possibilities and business models reshaping our culture and our economy. Now the time has come to reshape government. With the proliferation of issues and a scarcity of resources to address them all, leaders inside and outside government are turning to the principles of participation, collaboration, transparency, and efficiency to address the challenges facing our country and the world. This is the agenda of the Gov 2.0 Summit.”
The agenda of the Gov 2.0 Summit and the number of technology and policy luminaries lining up to participate is really encouraging. And so I’ve been thinking, how does the security community play into this? How might we adapt to support the movement and leverage its best practices and principles to improve the risk environment for everyone?
Some might say that the principles of Gov 2.0 and “government as a platform” are ideologically opposed to the aims of the security community. I’m not sure that is entirely accurate, and I’d like to take a minute to share a few thoughts I have on the role of the security community during this time of opportunity. You can be more secure by being more open, in fact it is an imperative.
Let’s start by taking a broad-brush look back in history. A few decades ago the cybersecurity community was engulfed in innovation. As we all wrestled with understanding the implications of computer technology— first single user and disconnected, then multiuser and networked — the security community thrived. Everything was in flux and there were no checklists or best practices. Bold advances were made in cryptography and trust models, risk management meant taking calculated risks and capitalizing on successes while learning from failures (some deliberately and some accidental), and we saw the birth of a variety of innovative security products for their time like firewalls, intrusion detection systems, multilevel security operating systems and guards, and virtual private networks that were appropriate for that time period. With the rise of Web 2.0 and specifically Gov 2.0, now is a terrific time for the security community to surge ahead in innovation and create sustainable solutions for the next generation of platforms and users.
I think there are a couple trends in the market that are already driving security in the right direction; which in some cases, surprisingly, means out of the hands of the traditional security community. To raise the bar for security and create an environment that is safe for every netizen we need systemic changes that create an ecosystem of intolerance of threat, not just point solutions linked together in layers of defense. What point solutions that may be required need to be netcentric platforms that epitomize Web 2.0/Gov 2.0 practice and principle and not simply more robust enterprise apps or network appliances.
I’ll provide more on these over the next few weeks as the Gov 2.0 Summit draws closer.
Subscribe to this blog's feed
Comments