Cyber Security Top of Mind at CompTIA's Breakaway

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  
At CompTIA’s Breakaway 2011 education event for the IT channel this week in Washington, D.C., cyber security is a focus of several conference sessions and, at the inaugural CompTIA Tech Summit, co-located with Breakaway 2011, a Cybersecurity Summit is scheduled for this Thursday, August 4.

CompTIA president and chief executive officer Todd Thibodeaux said the aim is to touch on all of the key issues in cyber security.

“The area that I’m most interested to see how much discussion and dialogue happens around is mobility,” he said. “Between last year’s Breakaway and this year, we’ve seen an immense number of issues come to the fore in the handset and iPad, and generally, in the mobility area as a whole.”

To that end, Thibodeaux said, CompTIA has invited Chicago-based viaForensics to Breakaway 2011. “They’re doing a service called appWatchdog, which looks at applications,” he said. “We’ve toyed with some ideas about doing things with that; either certifying applications, or developing certifications around people who develop mobile apps and security. I think that’s just going to become a bigger and bigger issue, so I’m very interested to see how that dominates the discussion.”

Thibodeaux said the basic concept behind viaForensics’ offering is straightforward. “They will take an application and basically beat it to death to see how many security holes it has in it. Andrew Hoog, [viaForensic's chief investigative officer and co-founder], is going to speak on one of our panels on that particular topic. There’s not a lot of companies in this space right now, and they’re doing some really innovative things.”

The problem, Thibodeaux said, is that mobile applications present some unique security challenges. “You don’t see a padlock anywhere in an app to let you know how that app is securely storing data or not so I think we’re going to see an emergence of some seals along the way, like we saw from VeriSign when the Internet was first coming along,” he said.Another key issue, Thibodeaux said, is micro-breaches.

“I had an experience in an airport three weeks ago where two gentlemen that didn’t know each other were sitting there, and one person had set up his 4G hotspot and, when he went to the bathroom, the guy next to him looked at it and wrote down the entry code and logged onto his network,” he said. “So this is an issue, these small incursions, which have significant implications for maybe not huge populations, but really serious implications for a small number of people.”

National standard

Thibodeaux said CompTIA is also strongly in favor of a national standard for data breaches. “Continuing to talk about the patchwork of state laws just does nobody any good. It doesn’t help in any way. And so some of the legislation that Representative Mary Bono Mack (R-CA) has talked about is pointing the way towards what we’d like to see,” he said.

At the Cybersecurity Summit on Thursday, Congressman Peter J. Roskam will introduce the Congressional Small Business Information Technology Caucus, to be chaired by Roskam and Congresswoman Loretta Sanchez. “They’ve agreed to co-chair a new congressional caucus focused on the issues of the SMB IT community, and I suspect that security issues are going to be a big part of the things that that caucus will be dealing with,” Thibodeaux said.

The Cybersecurity Summit will also include two panel discussions. The first, “Security & Cloud Migration Challenges for Business and Government,” will examine the security concerns surrounding cloud computing and the best ways to mitigate them. The second, “Cybersecurity in the Age of Mobility,” will look at the challenges inherent in promoting technological innovation while also protecting data.

The Cybersecurity Summit will conclude with a presentation by Allan A. Friedman, research director of the Center for Technology Innovation at The Brookings Institution. Friedman’s current research focuses on IT policy with a particular emphasis on cyber security policy and the dynamics of information policy.

Security-related events at Breakaway 2011 include the IT Security Channel Training Course, which consists of three modules. The first module, “Transforming Your Business Through IT Security – Part 1,” explores what comprehensive security looks like and what it takes to become a trusted security advisor.

The second, “Transforming Your Business Through IT Security – Part 2,” lays out a process for completing a risk analysis, including how to assess emerging risks and trends in the IT industry.

The third, “Strategies for Accelerating Your Security Business,” offers guidance on developing security strategies that take into account customers’ business needs and the current IT landscape.

In addition, the “CompTIA Security Trustmark Workshop: Your Roadmap to Security Best Practices” will offer skill-building exercises, resources and networking opportunities to help participants prepare their companies to earn the CompTIA Security Trustmark, a credential awarded to IT solution providers.

Jeff Goldman is a freelance journalist based in Los Angeles. He can be reached at jeff@jeffgoldman.com .