Monday, June 19, 2006

Homeland Security through the eyes of Network Security

I was just on a long drive (250 miles) down to CT/NYC for some meetings over the next two days, and I heard on the radio that Al Qaeda may have been planning an attack on the NYC subway system for 2003. They were apparently going to open up a can of cyanide gas (different than whoop ass, which is what we would have done) in the subway.

I began to think about all that DHS must deal with in terms of how a CISO, a network security professional, and those of us who keep bad guys out of where they shouldn't be would see it. It's a lot alike, with several key differences.

In the network security world, the CISO, CSOs etc. must plug EVERY hole/exploit/port while the bad guys only need one way in. Same with DHS - they need to be able to secure every way into the US (legit or otherwise) and know the threats and ultimately prevent them from happening. In the DHS world, this means physical ways in, virtual ways in, and corrupt social ways in to access data and people. Same with the CISO/CSO view of the world (ideally).

I think those of us who live and breathe in the networked world have it far easier than DHS, yet breaches and break-ins still occur. Obvious holes are (usually) plugged, and there are any number of IDS/IPS, firewall, and security systems out there, and even identity management systems now too, to help know and control access to what is ours.

Yet breaches still happen. Did you ever wonder how many breaches happen in either the carbon-based world or the network world that we DON'T hear about? Me too. All the time. The thing with the NSA collecting phone records has somehow morphed into 'they listen in on every call', which is bunk, and you know what - I want them to have the capability to stop the bad guys and prevent what could happen to me, just like I expect companies (public and private) to protect my data so that it doesn't get into the hands of a bad guy, and I willingly fill out forms all the time providing different companies data. Is that the big difference?

The other thought I had was about masquerading of identity. I could probably buy another passport online somewhere and then become someone else - creating a new identity. Those of us in the network/security world have directories - what does DHS have, or any U.S. Government organization for that matter? Sure, they have directories, but there is no SINGLE authoritative source, and I personally believe that the smart cards are a trial for the highest-risk population, and that this is phase 1 of a multi-phase program to know about who is here and to build that authoritative source.

Will it work? I don't know. Probably not the first time around, but then again how many other projects run by government or large organizations in general run smoothly the first time?

Security is not an event or series of events - it is a risk management and user management lifestyle. You either want to lead that lifestyle or not.

I do.

