Security Firms Join Forces as Lobbying Group

Major Internet security vendors formed a lobbying group this week to give their industry representation in Washington, D.C., amid continued fears about the United States' critical information infrastructure.

The 12 companies called the new group the Cyber Security Industry Alliance (CSIA). Its agenda includes introducing policy initiatives, coordinating between the public and private sectors, academic work and fostering industry standards among members.

Founding members of the not-for-profit organization are BindView, Check Point Software, Computer Associates, Entrust, Internet Security Systems, NetScreen, Network Associates, PGP Corporation, Qualys, RSA Security, Secure Computing and Symantec (Nasdaq: SYMC).

Homeland Security Liaison

The CSIA, to be based in Massachusetts, will form committees derived from top-ranking executives of the member companies. One major goal of the group is to coordinate relations with the U.S. Department of Homeland Security. The CSIA is attempting to make this process smoother through the appointment of Paul Kurtz as its executive director. Kurtz previously ran the critical infrastructure protection group for the White House's Homeland Security Council.

Richard Stiennon, vice president of research at Gartner (NYSE: IT), said the alliance is 90 percent public relations.

"It is always better to form a united front," Stiennon told the E-Commerce Times. "So this is mostly good public relations through the need to stop everybody pursuing separate agendas."

However, Stiennon expressed skepticism about the group's potential to achieve unique policy goals.

"Forming an advocacy group is not unique, so I don't expect a cyber security group to be any more effective than other lobby organizations in Washington," he said.

Voice in Concert

Meanwhile, Yankee Group analyst Patrick Mahoney said the alliance shows the Internet security industry realizes it must work with the government to achieve commercial objectives.

"The Internet is as much a societal issue as it is a business one," Mahoney told the E-Commerce Times. "Consequently, the government will be looking for leadership in policy directives that reduce the problems of cyber security.

"By forming this alliance, the industry now has a voice to match those that support Internet consumer groups," he added.

Less Secure Than Last Year

Meanwhile, results of the second annual Internet Insecurity study were made available at the RSA Security conference in San Francisco, showing a rise in the number of security incidents in the United States.

The index is segmented into six areas, including: Hacks, Attacks and Flaws; Threats; Internet Crime and Fraud; Internet Users and ISPs; Information Security Industry; and Government. A rating is calculated on a scale of 1 to 10. The higher the score, the greater the level of insecurity. This year's rating is 7, up from 6 in 2003.

"Information security has become one of the most critical issues for industry, academic and government officials over the past year," said Sandra Toms LaPedis, area vice president and general manager of the RSA Conference.