Public Health Serves as Cybersec ModelReasons Behind Anti-Smoking Bans Applicable in Cyberworld
Charney, in an interview with Information Security Media Group's GovInfoSecurity.com, sees a parallel between smoking bans and restrictions to be placed on individual computer users. For years, experts have advised users to engage in basic computing hygiene: turning on firewalls, patching software flaws, running anti-virus and anti-malware programs and backing up data. "We used to say, 'If a user chooses not to patch and chooses not to run anti-malware products, they're putting themselves at risk, but that's their choice,'" he says.
But like smoking, the computing environment has changed, and as cybercriminals seize individuals' PCs to use them botnets, those individual computer users aren't the only victim. "It means that your failure to do basic hygiene didn't just impact you, but now impacts those around you and impacted the ecosystem. so, like smoking, the failure to engage is safe behavior was no longer not just an issue for you, it's an issue for everyone," Charney says.
"We started thinking if that's true, how do we raise the level of security for the ecosystem at large?" he asked. "We started thinking about what we've done in public health, which is have systems in place, so when bad things are happening, they're identified quickly and can be remediated quickly."
In the interview, Charney also discusses the
- Performance of the Obama administration in tackling the nation's IT security needs.
- Challenges attribution - the ability to identify those who access networks and systems - presents user organizations.
- Evolving definition of trustworthy computing, which is part of his title.
Charney oversees Microsoft's trustworthy computing team that works with business groups throughout the company to ensure its products and services adhere to Microsoft's security and privacy policies. He also engages with governments, industry partners and computer users on important security and privacy issues such as critical infrastructure protection, software assurance, and identity management.
Presidential AppointmentIn late May, President Obama named Charney to the National Security Telecommunications Advisory Committee. Charney served as one of the co-chairs of the Commission on Cybersecurity for the 44th Presidency, which submitted to the new president in 2008 a blueprint for the nation's cybersecurity.
Before joining Microsoft in 2002, Charney was a principal for the professional services organization PricewaterhouseCoopers, where led the firm's Cybercrime Prevention and Response Practice.
Earlier in his career, Charney served as chief of the Computer Crime and Intellectual Property Section in the Criminal Division of the Justice Department. As the leading federal prosecutor for computer crimes from 1991 to 1999, he helped prosecute major hacker cases and co-authored numerous documents, including the Federal Guidelines for Searching and Seizing Computers, the National Information Infrastructure Protection Act of 1996, the federal computer crime sentencing guidelines, and the Criminal Division's policy on appropriate computer use and workplace monitoring.
A former Bronx, N.Y., district attorney, Charney holds a law degree with honors from Syracuse University and bachelor degrees in history and English from the State University of New York in Binghamton.