When someone from the White House speaks out on an issue, it’s best to listen up. And now there’s a voice coming from America’s most important house that specifically has to do with cybersecurity.
A call to action
That voice belongs to Ari Schwartz, who’s about as entrenched in Internet policy as one can get. Back in 2011 Schwartz was appointed as Internet Policy Advisor for the U.S. National Institute for Standards and Technology. His work there was a success, and he started gaining notice in his niche. Today, his hard work has paid off, since he now serves as White House Senior Director for Cybersecurity.
Schwartz has his work cut out for him. Indeed, not enough people give serious thought to the issue of cybersecurity. All too often, security in the digital space is something that individuals and even corporations take for granted where they shouldn’t. But by working at the White House, that’s something Schwartz is aiming to rectify through the deployment of policies that hold cybersecurity among organizations and individuals to a certain standard. Schwartz was instrumental in getting an initiative off the ground that sought to implement voluntary cybersecurity standards for enterprises like power companies and hospitals. And he’s been able to carry out his work without infringing on organizational privacy or imposing mandates.
“Everywhere I go, people thank me for the work we did on the cybersecurity framework and how it got better over time: The trust from the private sector to keep it voluntary; from the privacy groups, we hear that they are glad we were able to keep the Fair Information Practice Principles in the document despite the heavy pressure that we got from industry on that,” he said in an interview with Nextgov.
But Schwartz knows his work doesn’t end there. After all, there’s still a lot of cybersecurity threats out there, and one White House group, no matter how hard-working, isn’t going to single-handedly eliminate them all. That’s why the responsibility to implement protective and preventative measures shouldn’t only be up to governments to regulate, but should also be something enterprises consider.
Holding your business to a high security standard
With voices like Schwartz’s out there calling for action, the question is, will you listen? For many businesses, it’s easy to fall into a complacent mindset – the one that reasons, “Well, we haven’t been attacked yet, so we don’t have to worry about hackers.” But we don’t live in an age of planning for “if” you’re attacked. Instead, it’s a matter of when. And when a cybercriminal tries to get into your business, we’re sure you’ll want to be ready.
That’s where having a comprehensive and well-thought-out security plan becomes imperative. First, it’s important to equip your organizational infrastructure with the kind of layered security that keeps the bad guys at bay. That way, you’ll substantially reduce the possibility of a malicious intruder ever breaching your business’ cyber walls. But in the event that something like that does happen, you’ll need a plan to fall back on. After all, a cybercriminal can easily commandeer an entire enterprise server and hold it for ransom, perhaps not returning the data even if the ransom is paid.