US Gov orders infosec lock-down post Wikileaks

By Angela Moscaritolo on Oct 10, 2011 2:16 PM
Filed under Security

Assange predicts balkanised agencies will fail.

The White House last week ordered agencies tighten security to prevent further Wikileaks-style attacks.

The structural changes issued within an executive order to safeguard classified information and networks from insider threats.

It followed a seven-month government review of policies and procedures surrounding the handling of classified information, prompted by the leak of classified US cables by whistleblower site Wikileaks.

The order stated that individual government agencies “bear the primary responsibility” for ensuring that classified information was safeguarded and shared appropriately.

Agencies that use classified networks must implement an insider threat detection and prevention program, designate a senior official to oversee information-sharing protections and perform self-assessments of compliance with standards.

Senior Defense and National Security Agency officials would be responsible for developing technical policies and standards to protect classified information within national security systems, and will also conduct assessments of agency compliance. 

This month Wikileaks founder Julian Assange said governments would react to the cable leaks by becoming transparent or locking down.

In the latter instance, Assange said agencies would Balkanise and become less effective and unable to compete for skilled staff.

“This is one of the goals of Wikileaks,” Assange said.

But Securosis founder Rich Mogull said the executive order “appears to carefully balance the needs of continued information sharing with that of increased security”.

“The normal reaction is to return to pre-9-11 silos, but assuming agencies are following these orders, they will maintain cooperation while still addressing insider threats,” Mogull said

The Wikileaks exposures were essentially the result of one agency, the Department of Defense, leaking data shared by another agency, the Department of State, according to Mogull.

US agencies have recently strengthened security including systems to improve online identity management, access control, and bans on the use of removable media.

“These are tough problems, and implementation is everything, but on paper it's the right direction,” Mogull said.

The executive directive ordered the creation of a task force to develop a government-wide program to detect and prevent insider threats and reduce security vulnerabilities.

The Senior Information Sharing and Safeguarding Steering Committee would submit regular reports to document government successes and failures in protecting classified information.

A new office dubbed the Classified Information Sharing and Safeguarding Office would advise the steering committee and support the insider threat task force and other agencies.

-With Darren Pauli

 
Follow us on Facebook and Twitter
 

Copyright © SC Magazine, US edition

US Gov orders infosec lock-down post Wikileaks
 
 
 
 
 
Top Stories
Cloud vendor repatriates data to Australia to avoid "prying eyes"
Saasu also driven by latency and performance.
 
HP's futuristic new PC: the 3D Sprout
3D camera and projector allows interaction without mouse, keyboard.
 
iiNet rolls out 1000 Cisco wi-fi access points in Victoria
Free public wireless bolsters network infrastructure in Melbourne.
 
Sign up to receive CRN email bulletins
   FOLLOW US...
Polls
Is Microsoft right to limit the reseller channel for Surface?

Latest Comments
CRN Magazine

Issue: 332 | October 2014

CRN Magazine looks in-depth at the emerging issues and developments for the channel, and provides insight, analysis and strategic information to help resellers better run their businesses.