Short of an endorsement, the positive comments came during a morning keynote at today’s Visa Global Security Summit in Washington, where Chertoff spoke about strategic approaches to cybersecurity. While it was not one of the talking points he delivered during his address, Chertoff gave an initial positive review in response to an audience member’s question after the keynote speech.
When asked about his opinion on the recently finalized NSTIC plan, Chertoff said he thought it was a great example of the type of cooperation between the private and public sectors that is necessary to strengthen the security of ecommerce.
And while he admitted that certain challenges must be overcome to implement such a program – namely coordinating standards and best practices among several disparate entities across the commercial and public spheres – Chertoff characterized the move as “a very positive step forward”.
The White House’s National Strategy for Trusted Identities in Cyberspace (NSTIC) – first proposed in June of last year – aims to work with industry, the National Institute for Standards and Technology (NIST), and the Commerce Department to develop a national online identity system for US citizens. It was just last week that the Obama Administration released its final plan to develop the NSTIC.
As previously reported by Infosecurity, NIST has stressed that the program will not involve issuing a national cyber ID card. Rather, people who want an online identity will be able to opt into the system, which will likely use multiple identity providers – both private and public. The aim of the program is to simplify online identity management, and therefore improve security, rather than having users maintain multiple user names and passwords across various e-commerce/e-government accounts.