The formation of a global cyber security group similar to the World Health Organisation (WHO) is required in order to share vital information, according to former United States Federal Government chief information officer, Vivek Kundra.
Speaking at the Australian Information Industry Association (AIIA) Summit in Canberra, Kundra, who is now executive vice-president of emerging markets for Salesforce.com, said the proposal came as a result of trying to securely manage 2094 data centres during his CIO tenure at the White House.
“In the context of federal [government] systems, we realised that with 2094 data centres we were not very secure,” Kundra said. “The fragmented infrastructure and uneven talent distribution in terms of managing those data centres was creating vulnerabilities.”
Another problem Kundra faced was US government officials sometimes believing that because they owned and operated the system, they were more secure. “If you think about national security, our [US] command and control infrastructures have been under attack since the days of the Pony Express,” he said.
As most of the world is now interconnected via the Web, Kundra said a WHO-like cyber security body could share information about risks and collaborate on a global level, much like the WHO does when assessing epidemics. “We can’t pretend that we live in a geographically constrained area when it comes to cyber security,” Kundra said. “The power of the internet allows you to plug into the global grid but also leaves you open to attack.”
In addition, Kundra outlined how he deployed a ‘Cloud First’ policy within the US Federal Government to cut down on what he deemed wasteful IT spending.
“We were spending US$80 billion on information technology, yet when we looked at the citizen experience, we realised that it was one of the worst because you either had to wait in line for government services, hold on the phone or submit a long paper form to get some of those services.”
To give government officials a clearer picture of spending, he developed an IT dashboard which shared the performance of every IT project, and budget expenditure.
Within weeks of the dashboard going live, the Veteran Affairs department halted 45 IT projects and terminated four of them.
“Cloud First forced an injection of consumer technologies into the enterprise and departments didn’t have to spend billions of dollars on upgrades but could move to a notion of service provisioning,” Kundra said.