Security trade group formed

Eleven computer security companies announced the formation of an advocacy group, the Cyber Security Industry Alliance, to influence public policy and spending on cybersecurity.

The members, which include well-known computer security firms, said they want to promote generally accepted information security principles, exchange cybersecurity threat information with government agencies, and eventually expand education and research to improve cybersecurity.

Paul Kurtz was named executive director of the new organization. He is a former special assistant to the president and senior director of the Critical Infrastructure Protection Directorate under the White House's Homeland Security Council.

The alliance may push to have the federal government adopt generally accepted information security principles that security practioners have spent a dozen years developing, said Ron Moritz, senior vice president and chief security strategist at Computer Associates International Inc., a founding member of the alliance.

Other members include: BindView Corp., Check Point Software Technologies Ltd., Entrust Inc., Internet Security Systems Inc., NetScreen Technologies Inc., Network Associates Inc., PGP Corp., RSA Security Inc., Secure Computing Corp. and Symantec Corp.

Information security principles would be similar to the generally accepted accounting principles that the financial accounting industry uses as guidelines, Moritz said. The information security industry is much closer to agreement on common principles than many people realize, he added.

Companies in the alliance are also interested in and supportive of the federal government's information technology product and systems certification program known as the National Information Assurance Partnership, Moritz said. But they would like to explore ways to make the process more efficient and less expensive for businesses, he said, especially for small companies and startups.

Shannon Kellogg, director of government affairs at RSA Security, said Bush's 2005 budget request proposes substantial spending increases on cybersecurity. With that new money, he said, the federal government could make improvements in information security governance. "We'd like to see the federal government become a role model for good cybersecurity practices," he said.

Rep. Adam Putnam (R-Fla.) issued a statement Feb. 25 supporting the new alliance and praising its focus on cybersecurity, which he called a critical issue "with potentially far-reaching ramifications to the American people and the U.S. economy." Putnam is chairman of the House Government Reform Committee's Technology, Information Policy, Intergovernmental Relations and the Census Subcommittee.