Degrees of Ignorance
When government officials within the national security arena buy unsecured commercial technologies, the National Security Agency may be partially to blame, said Michael Jacobs, the agency's director of information assurance. Jacobs said that in the nearly 50 years the agency has been around, its customers never had to think about information security because NSA conveniently provided it for them.
But in today's world, dominated by commercial technology, that level of service may have a downside. "They didn't think about what [commercial technology] didn't give them from a security standpoint," he said. "Part of that might have been our fault. They never thought about security anyway. They just took what we gave them and felt good about it. The same degree of ignorance that allowed them to not know it was inherently secure is the same degree of ignorance that today allows them to not know it is inherently" unsecure, Jacobs said.
He added, however, that the agency has helped raise awareness in part by taking advantage of teachable moments resulting from high-profile security cases such as Solar Sunrise, the 1998 infiltration by three teenagers into military networks. "We're not dummies. We capitalized on that," Jacobs said.
QDR: IT Front and Center
The Quadrennial Defense Review, as of last week, was scheduled for release Sept. 30. It is a comprehensive review of military force structure, acquisition and strategy and is expected to shed light on how the Pentagon will handle so-called asymmetric threats such as last month's attacks on the Pentagon and the World Trade Center, Defense Secretary Donald Rumsfeld said at a recent press conference. "I think that we spent an enormous amount of time in the QDR talking about asymmetric threats and talking about homeland defense and informational warfare and things that seem to be totally relevant to the [post-Sept. 11] security environment that we find ourselves in," Rumsfeld said. "So you will see transformational technologies that we think are directly relevant to this asymmetric threat environment, and they'll be front and center in the [multi.year budget] development."
The attack on the Pentagon has revitalized security businesses, and one new company is getting calls: a real estate developer that builds "mega-secured structures" for data centers. The so-called CyberFortresses—two of which are in Northern Virginia, with another in suburban Chicago—have 10-inch-thick concrete walls, limited glass and an on-site generator.
Officials for DataCenters.Now, an arm of BECO Management Inc., a commercial real estate developer, started getting calls from federal agencies soon after the attack. But company officials would not say specifically who called. Chris Epstein, DataCentersNow president, said the buildings were designed with security in mind. "Housing data has been somewhat of an afterthought for most organizations," he said. "We thought three years ago that didn't make any sense." The World Trade Center reportedly was home to three dozen data centers, Epstein said. Some organizations use the CyberFortress facilities as backup sites, which become their primary facilities in the event of an accident.
The firm is working with federal agencies. "We're giving them first dibs," Epstein said.
The Interceptor also took a sound beating with a wet noodle from Mary Trier, spokeswoman for the Army Simulation, Training and Instrumentation Command. Although STRICOM enjoys a great relationship with the surrounding community, the rumor printed in last week's column that local law enforcement helped guard the command in the aftermath of the Sept. 11 attacks is absolutely untrue, Trier said.
Intercept something? Send it to firstname.lastname@example.org.
NEXT STORY: HHS to integrate Medicare accounting