Former White House CIO on encryption: “Backdoors are not architecturally sound”

Theresa Payton served as CIO for the White House from 2006 to 2008. She previously held executive roles in banking technology at Bank of America and Wells Fargo. She is the founder and CEO of Fortalice, a leading security, risk and fraud consulting company. She was named one of the top 25 Most Influential People…

paytont_featured
Photo courtesy of Executive Speakers Bureau.

Theresa Payton served as CIO for the White House from 2006 to 2008. She previously held executive roles in banking technology at Bank of America and Wells Fargo. She is the founder and CEO of Fortalice, a leading security, risk and fraud consulting company. She was named one of the top 25 Most Influential People in Security by Security Magazine.

Payton will be the keynote speaker at this year’s AIM Infotec conference in Omaha. In anticipation of that event, SPN spoke with Payton over the phone about her take on recent cybersecurity issues.

For Payton strong encryption is essential for modern businesses that deal with personal information, and that means no backdoors.

“We know that when building backdoors there’s no bouncer there who’s standing there saying, ‘If you’re a good guy, I’ll let you in. If you’re a bad guy, I won’t let you in,’” said Payton. “We know that back doors to encryption are not architecturally sound. They don’t work.”

In regard to the recent controversy between Apple and the FBI over unlocking an iPhone under court order, Payton said she understands Apple’s perspective. Many countries around the world, like China and Russia, do not have the same respect for privacy.

“When they look at the bigger picture, they see that if they bend on this particular issue, they are going to set a precedent, and they don’t want to do that,” said Payton.

However, Payton also thinks that industries like banking and health care show that it’s possible to strike a balance between privacy and following court orders.

“I don’t think it’s acceptable to say, ‘I’m not going to give you the information you seek under a court order because I chose not to collect it,’” said Payton.

She is worried that if the technology industry does not find a way to work with the government like other industries, they will be forced to change.

“Candidly, if the technology industry does not find the right way to do that, unfortunately they will find legislation slapped on them,” said Payton. “I really don’t want to see that happen because laws coming out of the beltway could really kill innovation, creativity, and the growth we’ve seen in recent years.”

According to Payton, there’s a clear opportunity for tech companies and law enforcement to innovate their way forward, without having to weaken encryption.

“Technology and law enforcement need to get in a room and say, ‘It’s not backdoors. It’s not weaker encryption. It’s a brand new design we haven’t thought of yet,’” said Payton. “We need the brightest minds in the room to create something that protects your and my privacy, that doesn’t allow for weaker encryption, that at the same time, if there’s a court order, there’s an opportunity on a case by case, limited basis, with specific credentials, a very targeted response for that data to be produced.”

AIM Infotec is March 21st.

Silicon Prairie News is a service of AIM.

Ryan Pendell is the Managing Editor of Silicon Prairie News.

This story is part of the AIM Archive

This story is part of the AIM Institute Archive on Silicon Prairie News. AIM gifted SPN to the Nebraska Journalism Trust in January 2023. Learn more about SPN’s origin »

Channels:

Get the latest news and events from Nebraska’s entrepreneurship and innovation community delivered straight to your inbox every Wednesday.