A forum discussing the next steps in cybersecurity at Stanford University focused on the National Strategy for Secure Transaction in Cyberspace. U.S. Department of Commerce Sec. Gary Locke and Howard A. Schmidt, White House Cybersecurity Coordinator, both spoke on the importance of the strategy and how there needs to be a partnership between the government and private sector in order to make it happen.
With trillions of dollars of transactions conducted online there is a need for privacy enhancing feature so the Internet can reach its full potential, Locke said during the forum. Part of this will be better securing identities online.
Schmidt laid out a scenario where someone would be able to go to a store, have their identity proofed and then receive some type of credential that could be used online to verify identity. He also stressed how the strategy will have to be a partnership between public and private sector with the latter guiding the way. “We need the private sector to lead the implementation of this,” Schmidt says.
And while the strategy is about a credential it is also about enabling privacy, Schmidt says. “We seek to limit the amount of data that is used to conduct a transaction,” he says.
One of the more salient points during the forum was from James Dempsey, vice president for Public Policy at the Center for Democracy and Technology, and Nominee to the President’s Privacy and Civil Liberties Oversight Board. He said the government needs an identity ecosystem as part of a broader security strategy but it cannot create it, the private sector needs to do that.
Dempsey also noted that credentials cannot come from a single provider and multiple private sector organizations need to be involved.
While the first draft of the national strategy was released in June additional documentation is expected at some point this winter. A date for release was not mentioned during the Stanford forum.