ITAA Cybersecurity Report Encouraging

The private sector is working to regulate itself across a range of important activity areas, according to the Information Technology Association Of America (ITAA), which last month released the results of a survey led by the University of Southern California's Institute for Critical Information Infrastructure Protection (ICIIP) at the Marshall School of Business. The Web-based survey, available on the ITAA Web site at www.itaa.org, included cross-sectional and vertical industry groups and trade associations, multinational and owner-operated businesses, academic institutions and professional societies. Respondents were asked to describe their top two or three accomplishments in cybersecurity during the past two years.

Among the accomplishments respondents reported were:

• A strengthened array of large-scale, network intrusion-detection and early- warning systems;
• Improved structures for inter- and intra-industry sharing of security-related information;
• Development of materials that identify information security best practices, educate users and build awareness of security vulnerabilities and corrective actions;
• Substantial investments in a wide variety of new information security products and product enhancements;
• Incorporation of no-charge antivirus protection in Internet services;
• Automatic online security updating of system and application software;
• Multi-industry efforts to establish cohesive cybersecurity standards; and
• The creation of several programs for cybersecurity assessment and certification.

ITAA president Harris N. Miller says the results are encouraging, but all organizations must remain vigilant about security. "We are very encouraged to find so many organizations doing so much to defend cyberspace," he says. "But we cannot rest on our laurels, because much remains to be done."