Events , Governance & Risk Management , RSA Conference
Cybersecurity as Civil Defense: Everyone Has a Role
Organizations Are Improving Basic Cyber Hygiene But the Problem Is How to ScaleMany organizations are finally improving basic cyber hygiene, but the major problem facing defenders and governments is how to achieve scale across all sizes of businesses including nonprofits around the world, said Phil Reitinger, CEO and president of Global Cyber Alliance.
See Also: Why the Future of Security Is Identity
The Global Cyber Alliance's core mission is "getting stuff done at scale" because everyone's devices today are a security risk, Reitinger said. He recommends reducing the number of vulnerabilities rather than trying to reduce the number of attackers.
"We're familiar with notion of civil defense - everyone has a role, the whole of society, and everyone has access to tools and services they need to do that," Reitinger said.
The alliance helps small businesses defend against attackers with cybersecurity toolkits distributed in multiple languages, with a sixth language recently added - Portuguese. But he added, governments need to invest billions of dollar to help secure the organizations that can least afford it, such as nonprofit helping agencies and charities.
"We all know what we have to do, but the will to get those things completed is not necessarily there all the time," he said.
In this video interview with Information Security Media Group at RSA Conference 2023, Reitinger discusses:
- SME cybersecurity toolkits;
- The civil defense approach to cybersecurity;
- The problem of cybersecurity at nonprofits.
Reitinger is a member of the American Bar Association Standing Committee on Law and National Security Advisory Committee. He also serves on the advisory boards of several companies and mentors other cybersecurity and privacy startups. Reitinger was the deputy undersecretary of the National Protection and Programs Directorate and director of the National Cybersecurity Center at the U.S. Department of Homeland Security from 2009 to 2011. Prior to his nomination, he was a chief trustworthy infrastructure strategist with Microsoft, and before that he was the executive director for the Department of Defense Cyber Crime Center.