Friday, October 7, 2011
US Governments acts to upgrade internal data security
The White House issued an executive order to beef up security against insider threats post the WikiLeaks episode. It took seven months to review policy and institute simple security controls such as disabling CD drives and USB ports. This is a clear indicator of the size and dimension of the challenge to make sure governments adhere to security policies. Sheer bureaucracy and limited security knowledge stand in the way. It also amply shows that a significant investment is needed by governments across the world in technology and security awareness training to better their security posture.
If this does not change as governments modernize and automate processes both internal and external, the probability of cyber attacks and theft will rise exponentially. Not to mention the consequence of cyberwar, and cyber espionage on government networks. The initiative by the US government shows that it’s capable of learning (not a common quality for governments) and is a good step forward. Other governments should take note of this example. There are many which prescribe laws on data security which do not apply to the government themselves. I find this thought quite humorous.