Idea to retire: Cybersecurity kills innovation

[Commentary] The “security disables” paradigm plays out in a multitude of ways. Government project leaders leave security requirements off the list within top innovative priority projects and keep cyber professionals off mission-critical teams, thinking that innovation will be slowed. On other occasions, innovation projects may not get priority treatment because of security concerns. Although history has shown that both public and private sector business leaders deploy new solutions with the mindset that security slows down innovative opportunities, the reality is the opposite.

From Wi-Fi and cloud computing to mobile devices and social computing, security enhancements came long after initial deployments. Had better security been included from the start, the later costs incurred from vulnerability remediation and data breach cleanup would have been less. Simply stated, security is a central component of innovation, as identified by the White House in their move to accelerate innovation in cybersecurity research and development. There is an unavoidable, symbiotic relationship between innovation and security. The benefits of innovation are not possible without the risks. However, effective security builds trust and is a win/win/win for the public sector, private sector, and citizens. If we are to improve trust in government, better security is an innovation imperative which starts with a different mindset towards developing secure applications and systems from the start.

[Dan Lohrmann is the Chief Security Officer (CSO) and Chief Strategist for Security Mentor]