Interview with William Bill Boni (Bill.Boni@motorola. com), Corporate Vice President, Motorola
What is the vision and goal of Motorola’s security solutions for the public sector?
Current and next generation mobile technologies are enabling government agencies to realise many of the productivity improvements achieved in the private sector, resulting in reduced costs and greater responsiveness to consituent needs. However, greater utilisation of information technologies comes with increased security risks. Motorola’s global security services team helps public and private sector customers define, design and deploy cost effective strategies to address the security, regulatory compliance and operational risks inherent in communications technologies.
How important in your opinion is the whole issue of network and information security for the government?
In the digital era, access to information and the sharing of knowledge have created a new global currency that is transforming the fundamental economic, educational and social constructs of society, creating unprecedented opportunities for positive change. But with this potential for positive changes also exists the reality that criminal and terrorist organisations are using technology technology today to commit financial fraud, disrupt society and facilitiate acts of terror. In this contest between positive and negative forces, governments must take a leadership role in network and information security to fulfill their most fundamental obligation of protecting the public they serve.
Tell us about Motorola’s network security services.
One of the common misperceptions about security is that weaknesses in the technical infrastructure can be addressed by adding more layers of technology. While new technologies are needed, the weakest links that are exploited today frequently exist within the realm of people, policy and process. Unlike many security companies that exist primarily to market security technologies, Motorola provides security services that help customers cost-effectively define, design and deploy holistic solutions that intergate people, policy, process and technology to mitigate the risks of current and next generation technologies.
What are your suggestions to the government officials planning and implementing the e-Government projects and programmes in terms of security risk management?
Government officials must understand that in the 21st century information risk management is a foundational expectation of citizens. Even systems and applications that are expected to be “protected” from attacks must be designed, built and tested to confirm they are secure against cyber attackers who may operate from anywhere in the world, including inside the sponsoring governments networks. Too often projects are only evaluated on their ability to meet identified positive “use cases”. Its especially important that e-Government projects which provide benefits (financial, informational, operational) to society must also be assessed with “abuse cases” that can reflect the criminal mindset and the tool kits of malacious attackers.
It is also crucial to ensure that leadership of major programmes are accountable for effective security/risk managment. Techno-logy alone is not sufficient to ensure secure operations; it requires the proper mix of policy, process, people and technology. Information security leaders and staff must act both as champions for the necessary protections and monitor ongoing operations to ensure that protections are sustained and evolve for the entire lifecycle of the project/programme.
The developing countries also need to strike the right balance and spend as little as possible to get the highest level of security. What is your take on this?
Your question goes to the core of the role of IT risk management, which is to balance the investment of resources to achieve optimal reduction of risk. Absolute protection is impossible and all information assets cannot be protected equally. Developing countries must balance the benefits of investing in next generation technollgies and infrastructure, with investments in security programs that are designed to address prioritised risks.
What future plans does Motorola have for increasing its Government IT market share in emerging markets, especially in India?
Emerging markets and India in particular are in a unique position to invest in infrastructure that surpasses the legacy networks in more developed nations. For example, Motorola’s enhanced IP-based TETRA communications solutions, Wi4 wireless broadband solutions, and IP-based solutions for telecommunications and network service providers are enabling both government and industry to reduce the cost of “everywhere anywhere access” to information, including voice, video and data. Motorola security services professionals work along side our product and engineering teams to help ensure that the environments within which these new solutions are deployed leverage best practices for achieving defense in depth security. In today’s increasingly connected world, where the security of one network directly impacts other networks, building a strong operational foundation for security is essential to the benefits of new technology.