Intell's computer balancing act

The intelligence community has long been a leader in the development of

cutting-edge information technologies. But, as last week's events demonstrate,

that position is imperiled by the attempt to balance security and privacy

with better access to information.

The most glaring example is the recent case of former CIA director John

Deutch, who may have compromised thousands of pages of highly classified

material by storing the data on a home computer equipped with an unsecured

Internet connection. CIA director George Tenet called his former boss' actions

"sloppy."

The Deutch example represents the ultimate insider threat, where people

use authorized access in unauthorized, or simply irresponsible, ways.

"What this whole fiasco really demonstrates is that the existing information

technology capabilities of the U.S. intelligence community, and the related

security constraints, make it impossible for anyone, even the director of

Central Intelligence, to work efficiently from home or anywhere else, with

due regard for security," said Robert Steele, a former CIA officer and chief

executive officer of Open Source Solutions Inc.

The disclosure of Deutch's blunder comes on the heels of the Energy

Department's effort to restructure agency security policy in light of the

indictment of former DOE physicist Wen Ho Lee. Lee is accused of downloading

nuclear weapons information onto an unclassified computer system and storing

that data on unsecured tape storage devices.

But the tendency to increase monitoring and bolster cyberdefenses comes

with its own set of problems, such as how cyberintelligence is balanced

with privacy. Marc Rotenberg, executive director of the Electronic Privacy

Information Center, pointed to the National Security Agency as a prime example.

"The problem is that the federal government has two very distinct views

of computer security," Rotenberg said in a statement delivered to Congress

last week. One view is securing your own communications and the other is

intercepting the electronic emanations of suspected criminals, he said.

"In no agency are the two notions more at odds than the [NSA]," which is

responsible for federal systems security standards and developing methods

to crack encryption codes and break into networks.

Featured

  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.