It wasn't so long ago that interest in the topic of online crime was limited to a small circle of technologists. Nowadays, senior government officials talk about it as a potential national security threat. That's where Paul Kurtz comes in.
As the executive director of the Cyber Security Industry Alliance, a consortium of CEOs pressing for more-effective cybersecurity legislation, Kurtz is hoping to make sure any new regulations carry real weight. And since the 41-year-old Kurtz's resume includes a stint on the White House's National Security Council, as well as a period as senior director for national security at the Office of Cyberspace Security, it's a good bet that he'll find an audience willing to hear him out.
Kurtz helped develop the international component of the National Strategy to Secure Cyberspace, as a member of the President's Critical Infrastructure Protection Board. In his new post, Kurtz believes the CSIA, which was founded in 2003, can succeed where other security interest groups have not.
Unlike industry efforts that have criticised the government for doing too little, or policy groups that have called for action and failed to consider the implications of technology-oriented legislation, Kurtz is looking for middle ground. The security expert believes that by helping the government see the big picture, tech-wise, and aiding politicians in writing laws that have real teeth against cybercriminals, true progress against the tide of online threats can be made.
Earlier this month, ZDNet UK sister site CNET News.com caught up with Kurtz to hear his ideas on where CSIA's battle for better cybercrime legislation currently stands.
Q: Why do you think the CSIA will have an audible voice among the many parties pushing for cybercrime law reform?
A: Before our group was formed, there really wasn't any organisation that was focused on [cybersecurity] policy issues full time. People were following worms and viruses, and talking about best practices, but nobody was really following the legislative agenda on Capitol Hill or developments within the executive branch on a regular basis.
And we're looking in the states as well. We're CEO-driven, which makes us unique as well. We have top-level involvement from our corporate members, not just a passing interest.
The CSIA seems to be looking at spyware legislation quite a bit. Why is that work so important right now?
There is a real concern on the part of the industry to combat spyware. There are so many sites with different forms of adware that download malicious software and tools to people's computers and that are hard to uninstall. The interesting piece is that the adware people are beginning to get concerned and threatening to sue people who try to uninstall spyware, which they claim end-users have agreed to licence and load.
Talkback
There's one thing to consider too. Many of the newer software products have a small clasue in the user agreement where it tells the user that it will install spyware, or "monitoring software" as they seem to call it.
I realize that one can choose to simply click no and refrain from installing the program, but is it not wrong that one has paid money to a company, for a product that you cant use? Especialy if it is a program that ahs no subscription fees. This means that the firms get theyre cash but people can use what they payed for.