A central element of homeland security

In an exclusive interview with MENA Infrastructure Herbert C. Lüthold comments on information security management in a society more and more dependent on ICT.

How important is a high-quality information and communication technology (ICT) for an economy?

Today's global society wouldn't have developed without available ICT. Thus, ICT is definitely among the so-called critical infrastructure of a state, together with energy and water supply, emergency and rescue services, transportation and traffic, banks and insurance companies, government and public administration. If you consider that most of these infrastructures are dependent on ICT, its importance is clear. Since the overwhelming majority of information and communication infrastructure is privately owned, the quality of information can succeed only through close partnership between government and industry. A functional and high-quality ICT has become an essential key factor and location advantage for a prosperous economy.

How can the protection of ICT infrastructure be guaranteed in a state?

There are three areas to be differentiated. First is the governance on the ICT, the information relevant for homeland security and the privacy laws imposed by the state to protect its citizens and thus the private sector. The governance over the critical ICT infrastructure, whether concerning availability or reliability, is one of the key issues. With all-IP applications and internet, this has become a demanding challenge. Especially because also the remaining critical infrastructures are controlled and monitored via IP networks, be it e-Government, military C4I, or business-to-business applications. The second important point: what kind of information is relevant for homeland security? This requires a state's full control - duplicating and falsifying official documents and messages can be performed quietly by third parties using today's technology. Finally, the point of data protection and privacy is a key point when it comes to dealing with electronic data in a state. Under the pretext of terrorist countermeasures, the privacy of all citizens or companies has diminished considerably in recent years. But man has also introduced his own risk; by the way he handles his electronic data, be it using Google or Facebook.

The protection of a country's ICT infrastructure is and will increasingly be a central element of homeland security. To have the competence to control ICT infrastructure and its risks can only be solved by a government organisation co-operating professionally with the private sector. The organisation should carry out the following primary tasks: Ensure by appropriate preventive measures that only few mishaps occur; dangers and threats are to be detected as early as possible, in order to provide appropriate countermeasures or to allow avoiding risky technologies; the effects of mishaps on society and state are to be kept to a minimum; and, the technical causes of faults are to be determined and corrected.

What measures can a state take in the field of ICT security, in order to minimise the risks related to dependence on international political and economic interests?

ICT security is of quite a respectable importance. Aspects to consider are the value of information, processes, training, organisation, technology and costs. Many states have governance of all the abovementioned aspects, but not of the technology. ICT security products - technologies that are primarily deployed for measures to mitigate risks - are sometimes used without any further consideration. State organisations have to be increasingly demanding and ask the producers of ICT security products for more transparency. This means that for critical ICT infrastructure only ICT security products that reach a certain level of confidence should be utilised.

What is Omnisec AG's contribution for the protection of critical infrastructure of a country or company?

Omnisec AG is a global provider of high-security trustworthy and transparent ICT security solutions for civilian agencies, military organisations and international companies. It is important for us to evaluate ICT risks together with the customer in order to take appropriate security measures and to establish the so-called security operation. Our wide ICT security products portfolio and know-how allow us to be a reliable and trustworthy partner in the Gulf Cooperation Council region.

Herbert C. Lüthold is Senior Vice President of Marketing & Sales at Omnisec AG.