The tech industry needs a global body to legislate on security standards, according to an IBM security expert.
At the current time, common criteria is not a modern enough approach and "something needs to happen on a global stage," said Kristin Lovejoy, vice president of security strategy at IBM.
An organisation needs to be established, perhaps within the UN, to govern security standards, although it is likely this would take "a long time," Lovejoy explained.
"Here's the problem, if the Russians, the Chinese, the US, the EU and Singapore if they all come up with their own standards what happens is it becomes impossible for organisations to compete globally because they have to rebuild their products for every geographical market," she told IT PRO at this week's RSA Conference Europe.
With nation-set standards, manufacturers would be required to provide their source code to that national government and this would bring with it intellectual property (IP) issues, she said.
"It's not simply the potential IP theft issue, it's the fact that those national governments now have insight into your protection profiles," Lovejoy explained.
"On some levels, security is still about obscurity and the more they know the more there is a potential for them to create backdoors into those technologies. We're in this state now where we are stuck because we don't have an international standard other than common criteria, which I think everybody agrees... needs to be improved, modernised."
She called for an international best practice to be accepted by national governments across the world and provide multi-nationals with a "safe harbour."
-
RSAC Conference 2025: The front line of cyber innovationITPro Podcast Ransomware, quantum computing, and an unsurprising focus on AI were highlights of this year's event
-
Anthropic CEO Dario Amodei thinks we're burying our heads in the sand on AI job lossesNews With AI set to hit entry-level jobs especially, some industry execs say clear warning signs are being ignored
-
‘A major step forward’: Keir Starmer’s £187 million tech skills drive welcomed by UK industryNews The ‘TechFirst’ program aims to shore up the UK’s digital skills to meet future AI needs
-
Government’s ‘Humphrey’ AI tool helps local authorities cut costsNews The Minute tool, part of the Humphrey AI assistant, is being trialled at 25 councils
-
‘There is no law of computer science that says that AI must remain expensive and must remain large’: IBM CEO Arvind Krishna bangs the drum for smaller AI modelsNews IBM CEO Arvind Krishna says smaller, more domain-specific AI models have become the most efficient and cost-effective options for enterprises.
-
IBM puts on a brave face as US government cuts hit 15 contractsNews Despite the cuts, IBM remains upbeat after promising quarterly results
-
Starmer bets big on AI to unlock public sector savingsNews AI adoption could be a major boon for the UK and save taxpayers billions, according to prime minister Keir Starmer.
-
UK government targets ‘startup’ mindset in AI funding overhaulNews Public sector AI funding will be overhauled in the UK in a bid to simplify processes and push more projects into development.
-
IBM completes HashiCorp acquisition after regulatory approvalNews IBM has completed its $6.4 billion acquisition of cloud automation and security firm HashiCorp,
-
UK government signs up Anthropic to improve public servicesNews The UK government has signed a memorandum of understanding with Anthropic to explore how the company's Claude AI assistant could be used to improve access to public services.
