Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Low-Tech Humans Subvert High-Tech Information Assurance

From: InfoSec News <isn () c4i org>
Date: Mon, 21 Jan 2002 02:34:30 -0600 (CST)
Forwarded from: kelley <kwalker2 () gte net>

http://www.us.net/signal/CurrentIssue/Jan02/low-jan.html

Low-Tech Humans Subvert High-Tech Information Assurance
By Col. Alan D. Campen, USAF (Ret.)
SIGNAL Magazine 2002

TEXT BLURB

The tragic events of September 11 provide ghastly substance to the 
metaphor of asymmetric warfare. And, they add credence to prescient 
but nebulous warnings of threats to homeland security and concomitant 
vulnerabilities of critical infrastructures. 

While public switched networks (PSNs), cellular telephones, wireless 
networks and the Internet--the backbone and heart of the U.S. 
information infrastructure--were not prime targets, the cascading 
consequence of collateral damage to information systems was laid bare. 
The information infrastructure was found wanting in support to 
intelligence collection, law enforcement, disaster mitigation and 
recovery efforts. 

A shortfall in network capacity, single-node sensitivity and the lack 
of interoperability among police, fire and first responder networks 
exposed gaps in the road to information assurance that cannot be 
filled solely with new technology, firewalls, anti-virus patches or 
cryptography.

A once indifferent but now belatedly aroused public clamors for 
government action, so money will be provided--perhaps thoughtlessly. 
The Information Technology Association of America proposes spending 
$10 billion for information technology (IT) security, and Senator 
Joseph Lieberman (D-CT) proposes a $1 billion IT fund to jump-start 
some of the more pressing security requirements in government and the 
private sector. But these resources may be wasted in fruitless quest 
of a technical silver bullet if we overlook problems created by humans 
who misuse available technology.

The United States has yet to conduct a comprehensive national threat 
assessment of its information systems. Nevertheless, the ability to 
transact business, operate government and respond to physical, 
chemical, biological or nuclear attacks will be constrained by the 
capacity, accessibility, reliability and security of the information 
infrastructure. 

[...]



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: