As we consider the question of WikiLeaks, we need to examine and balance two issues: Security and collaboration. One might think intuitively that these two issues stand in opposition to each other. In fact, the reverse is true. Effective collaboration depends on effective security, which is essential for trust in any global enterprise. Security itself is largely credible to the extent that it enables, rather than inhibits the business and mission of which it is an important part. As we look to our reactions to WikiLeaks, it’s understandable that some might call for a retreat into a restrictive information and security posture that confines access to information to those whose “need to know” is defined in as narrow as fashion as possible. While such an approach might seem “secure,” it certainly doesn’t enhance the likelihood of mission success, either in business or in government.
Today, every effective global enterprise, from supply chain to military endeavor, relies on a mix of resources, participants, and disciplines. Global manufacturing requires the interaction of data relating to raw materials, sub-components, pricing (and price discovery), assembly, marketing, distribution, and sales. Enabling such integration requires trust in the authenticity of raw materials and sub-components, as well as trust in the authenticity of the data that supports every element of the supply chain.
The same is true in the public sector. 9/11 called into stark relief the need for better information sharing. While not everything need be shared with everyone, sharing across political, military, diplomatic, cultural, and social disciplines gives us a better chance of detecting terrorist plots and of understanding the complex global environment in which our nations exist. We share information because we must.
But, sharing has to be smart, and security remains important. How can we share information while ensuring that we retain the security of things that must be protected? Cybersecurity, designed to aid, not impede business and operations, is at the core of the answer. Here’s what to do:
First – Security procedures. Although some “insider threats” arise from malicious intent, nearly all are abetted by sloppy execution of routine security procedures or perceptions that they are bothersome or unimportant. National security organizations and commercial enterprises should elevate security as a management priority, enforce rules more consistently, and offer better training. None of this is rocket science.
Next – Cyber tools. Cybersecurity tools can detect much anomalous behavior, such as downloading, copying, or printing numerous documents, seeking to access information in unusual ways or not normally accessed, and transferring sensitive information to others.
Over time – More advanced cyber tools are being developed, such as to sift through huge volumes of seemingly disparate data and correlate findings. New tools must address potential threats from mobile devices and social media, and better detect and resolve suspicious exfiltrations. Improving analytic tools to better understand global information environments and characterize the behavior of systems remains a pressing challenge.
We can react to the WikiLeaks disclosures by retreating to a stove-piped environment, but at the risk of making complex operations more difficult than they need to be, and probably less successful. More prudent is to employ sound security practices and advanced technology while leveraging the advantages of information sharing and collaboration.
Security and collaboration are both important, and they work together to help us achieve the trusted enterprises on which we depend.
CSC Cybersecurity – Delivering Confidence