Security. It’s an old problem, but it’s just been restated with a new urgency. And it has all kinds of implications for the practice of e-government as it’s evolved over the past few years.

The Cassandras were both CEOs, availing themselves of a platform at the RSA conference last month. And they were singing from the same gloomy songbook.

Enrique Salem, the new CEO at the security heavyweight Symantec, was particularly blunt. The current model of cybersecurity, he said, just isn’t working.

“It’s time to change the game,” Salem said as he called for “a bridge between day-to-day operations and security departments” to create shared plans and goals.

In Salem’s reckoning, the problem with security now is that it’s done piecemeal. His argument was nicely captured by Internetnews.com:

“(A)dministrators still perform manual analysis of threats against their systems within carefully partitioned silos. One team configures laptops, another looks after the datacenters, an operations team keeps an eye on routine tasks and an entirely separate security team does vulnerability testing. . . . Stand-alone products at various points within the system hamper policy coordination, making automation of many processes nearly impossible. Lower-level administrators end up creating de facto policy day-by-day based on how they configure e-mail, backup and server security.”

Salem’s musings ran along the same lines as the keynote address at the same conference by John Chambers, chairman and CEO of Cisco. Chambers argued that security has to become fundamental in IT infrastructure – which means integrating it into business processes.

“Security isn’t a stand-alone area,” he warned. “Security is something that has to be embedded in our strategy, it has to be embedded in our technology, it has to be automated,”

Salem and Chambers are hardly the first to worry about security, and cynics will argue that Salem in particular has a vested interest in making his case. On the other hand, CEOs don’t often go this route in public – which suggests that their fretting about the bad guys is entirely appropriate.

And if that’s true, reflect for a moment on the consequences for the good old Internet, vehicle of choice for citizen cyberconnection with government.

It’s simple, really: If the bad guys make the Internet in its various incarnations too risky, people will simply abandon it where possible. Snail mail used to work as a way to pay your taxes; it still does, by all accounts.

Which of course would leave all those nifty vehicles of electronic service delivery – the pride and joy of e-government over the past 10 to 15 years – in a difficult spot.

Pity, that.

 

Tags: Cisco, eGovernment, Security, Symantec