Cyber Warfare: What to Do About the Inside Man (and Other Lessons Learned)

The age of cyber warfare has begun. With companies needing to not only worry about threats from the world around them, but also from within, as evidenced by the recent Edward Snowden case, it is as important as ever for organizations around the world to develop cyber defenses to thwart would-be attackers.

The government, on the other hand, also has the added task of coming up with ways to go on the offensive, taking on any potential opponents before they have the chance to strike, possibly crippling our nation’s military’s ability to defend us from outside threats. What exactly has been learned from the Edward Snowden case, and how can those lessons be applied toward defending ourselves from both inside and outside threats going forward? A recent article by www.theglobeandmail.com talks about just that.

The Two-Man Rule

In the past, company and government officials were left to their own devices. Most often, workers had access to information critical to a variety of operations. It was only a matter of an individual having an agenda for sensitive data to be compromised and given away to both competitors and those who the information affects the most.

To stop such incidents, a two-man rule has been established. With the two-man rule, two individuals must now sign off when sensitive information is dispensed, especially when working in systems containing proprietary or classified information. Much like the nuclear weapon operators of the past, no one individual has access to the system, thus reducing the chance that vital information is stolen.

Failures of the Past: Information Sharing Between Departments

Is the answer to the cyber warfare question to not share any information within a company? No. Let’s take a look at an extreme case that shows what can happen if information is not shared effectively between departments: 9/11. Some of the blame for what allowed the terrorist attack on the World Trade Center dealt with the lack of communication-sharing among departments. If the right information had been shared, atrocities could have been avoided.

Now, information is being shared between governmental departments at an increased rate, even to the point of an overabundance of data being available. In essence, communication went from one extreme to the next.

Finding a Balance

The Snowden case has illustrated how classified data can get out to the world. Hopefully, the pendulum does not now swing to the extreme opposite of too little information sharing. Instead, a balance needs to be struck. Maybe the answer lies in the two-man rule, or maybe in another program altogether. What is known is that something needs to be done, first to protect vital data from exposure and second to protect the welfare, and even lives in some cases, preventing the dangers that exposing this type of information can cause.

 

For more information about how to defend again cyber warfare, visit: http://www.theglobeandmail.com/news/world/pentagon-set-to-deploy-new-cyber-warrior-corps/article13318211/