Posted by: Tim Rains, Director, Trustworthy Computing

 

Last week I shared some details about the Security Development Conference 2012 for those unable to attend.  I also provided a recap of Richard Clarke’s keynote and included a video interview in which Richard shared his perspective on the importance of secure development to critical infrastructure.

Another keynote that took place later that day came from General Michael V. Hayden, principal, The Chertoff Group and former director of the U.S. Central Intelligence Agency and U.S. National Security Agency.  In his keynote, titled “The Persistent Threat: Understanding the Cyber Security Challenge We Face Today,” was another thought provoking talk that emphasized the serious nature of cyber threats to society and the importance of taking action now.  In his keynote he stated that “while the cyber threat is often intensified in terms of war fighting, the fact remains that there is serious malicious activity and resulting economic damage occurring within our private sector.”  He went on to make the point that the private sector should not rely on the federal government’s ability to provide security for their systems and that private firms need to take these threats seriously and prepare appropriately.

I had the opportunity to sit down with General Hayden before he delivered his keynote to discuss the importance of a conference focused on secure development to the public and private sector.  In our discussion General Hayden told me, “Our government has been late to need in coming to the requirements of our citizens for cybersecurity.” Given the situation, “the private sector is stepping up in a very robust way.”

You can watch the full discussion using the link to the video below. 


If you are interested in learning more about how secure development is being adopted by critical infrastructure providers, you can check some of the case studies located in our Microsoft SDL compliance center.  I encourage you to follow this series to learn more about what was discussed at the Security Development Conference 2012.