Tuesday, December 14, 2010

Wikileaks is a symptom, not the disease

Wikileaks has created a tempest with the release of millions of stolen U.S. secret documents. It's also created serious problems for its founder, problems that may exist more for the convenience of the embarrassed governments than because of any real events. But that's not the reason for this post. Wikileaks has forced governments in general, and the U.S. government in particular, to look at just what types of security they have, and how close it really is to what they need.

Redorbit.com reports that the U.S. lags behind in safeguarding against cyber attacks. I don't know if anyone really finds that idea surprising. If we can't even prevent a soldier (trusted with clearance or not) from physically stealing secret documents, why should we think we're successfully securing the networks that hold those documents from outside intruders?

The Department of Homeland Security (DHS) has plans to secure those networks, but they will take time to implement. Steps are being taken to plug the holes that made the Wikileaks revelation possible, too. The problem is, those steps should have been taken years ago. There should have been no thumb drives allowed, and the ability to burn CDs should have been limited to particular people, if it was allowed at all.

For at least a decade, government agencies have been getting a failing grade when it comes to network and computer system security. The DHS has been receiving failing grades since its creation - though I think last year for the first time it received a "D." It was one of the few sections of our government to do so. If we want to remain a real player in the world - not just in politics, but in economics, science, and technology - we have to step back and look at what we are doing. We have to honestly evaluate everything. Is this policy effective? Or does it just "look good?" Is there a more effective way? If it is effective, is it effective at the right thing? If we are trying to keep thieves from stealing data off of our networks, do our policies at least make it harder to get data off of our network, even if you are sitting at a computer inside the network perimeter?

If I am trying to keep our businesses competitive with foreign companies, are my policies doing that, or are they actually hurting the competitive capabilities of U.S. companies?

We have to look at ourselves honestly, evaluate ourselves dispassionately, and work at improving diligently if we are going to secure our networks and our borders. If we aren't willing to do that, we should fold up now.