Financial incentives do more for security than regulation: McAfee CTO

A US security expert has applauded the Australian federal government's approach to improving cyber security but suggested that businesses may need a financial carrot to bring their systems in line.

A US security expert has applauded the Australian federal government's approach to improving cyber security but suggested that businesses may need a financial carrot to bring their systems in line.

Speaking to CIO Australia, McAfee chief technology officer Michael Fey said the government should be commended for setting aside $1.46 billion in funding as opposed to "just talking" about improving security.

Learn how smart CIOs are protecting customers from security breaches

"With an investment like that you catch people's attention and they start thinking about security from the very start rather than taking a reactive approach," he said.

However, businesses around the world are still lagging behind with information security and financial incentives could be more beneficial than imposing more regulation.

"Our personal information resides in all of these businesses and regulation only goes so far," he said. "We're better off offering incentives to those businesses to take this subject seriously and evolve security with them."

According to Fey, financial incentives could also change the mindset of CEOs or CFOs who view information security as a cost.

"The reality with critical infrastructure and financial organisations is they have to take security seriously. When they do that, it should be a positive experience -- not one that diminishes their profits," he said.

While Fey is not a fan of security regulation, he disagreed with comments made by World Wide Web inventor Sir Tim Berners-Lee that Australia's proposed data retention laws are a "really bad idea".

Speaking at a CSIRO event in Sydney this week, Berners-Lee said that while it was important for countries to be able to defend themselves from cyber attacks, there were inherent dangers with "snooping" on people.

"I don't believe that cyber security means loss of rights beaus it guarantees that we are free to operate and exchange ideas as well as protect our intellectual property [IP] without giving up our Internet privileges," Fey said.

"It's really unfortunate for the cause that cyber security and human rights are getting linked together."

Follow Hamish Barwick on Twitter: @HamishBarwick

Follow CIO Australia on Twitter and Like us on Facebook... Twitter: @CIO_Australia, Facebook: CIO Australia, or take part in the CIO conversation on LinkedIn: CIO Australia

Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Security ID
Whitepapers
All whitepapers

Rushed Heartbleed fixes may expose users to new attacks

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Sign up now to get free exclusive access to reports, research and invitation only events.

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in New Zealand