Apple security czar?

On the heels of rising security concerns for Mac OS X, one columnist believes that Apple should hire an external consultant to help assess, respond to, and correct security issues that are publicized. Reviewing the recent Wisconsin and Sweden hacking challenges, BusinessWeek columnist Arik Hesseldahl says that Apple should considering hiring a "security czar--akin to other large companies such as IBM and Oracle--to maintain public confidence in its operating system: "This person would be a well-known computer security expert, ideally from outside Apple, who would wave the flag for all things related to Mac security, debunking myths, correcting the record, and providing a public face when issues crop up.

"And when something does go wrong -- and I think eventually something will -- he or she would be Apple's ombuds officer evaluating what failed, where, when and how, and then take responsibility for seeing that it's fixed, reporting on the matter to CEO Steve Jobs, Apple's board of directors, and (where appropriate) its shareholders and customers," the columnist wrote.

While Apple VP of software technology Bud Tribble called the suggestion a "good idea," he said that Apple's approach was different -- that the company was hesistant to assign the responsibility of security to a single person, instead distributing the responsibility to all involved.

"For pretty much all the senior people at Apple, security is one of the top jobs on their list," Tribble told BusinessWeek. "When we think about security and how we design software, the basic approach is to make it as secure as possible, because most people really aren't security experts. We try to make sure things are pretty well locked down out of the box."

Hesseldahl also said that a large-scale, widespread incident on the Mac "could badly wound Apple's reputation."

by MacNN Staff