DoD recently sent out a tweet (@DeptofDefense) informing all that they have “bolstered safeguards for security information“. After reviewing how they bolstered it, I found it interesting that they would do so much as tweet this insight. If you review the information, it really just talked about how “management” would be notified if information was made available to the public when the information clearly should not be made public. There was no additional information as to how better training would be implemented, what new guidance or better security would be implemented for the classified information and the networks. Once the information is shared to the public, is it no longer a risk? Do we just forget about it? What can be done after the fact? Shouldn’t the battle be protecting the information from the start? Shouldn’t the US DoD take this opportunity to specifically talk about the technologies that can secure the information from Day 1, from it’s initial creation?
Classified and secure information is a challenge that the US DoD always has to battle with. I feel that the issue isn’t necessarily based on the information but the fact that the people that are protecting it, do not want to protect it anymore. Maybe they want to share the information because they are angry with the US government, I don’t know but I would assume they leaked it on purpose. For whatever reason, they feel that the information needs to shared with those that are not intentionally meant to know about the information. I feel that the US DoD can not act on the material like any other company would or should. I feel that the US DoD are dealing with different people. People that are already in specialized groups and already aware of the sensitivity associated with the data.
I know that my insight into this problem isn’t all that important but I think it is a great opportunity to continue the talk about protecting data and the risk associated with it. It is a great opportunity to talk about protecting information and how it must also incorporate those that have access to the data. We are talking about people with security clearances. People that have had background checks, people that have been interviewed and their families and friends have been interviewed. The US government has spent an enormous amount of money vetting these people and in turn, they are not ordinary people. You can’t expect the US DoD to look at protecting data the way everyone else protects data. Let’s get real US DoD… step up to the plate and acknowledge the facts and not just want you think we want to hear… you tweet
If “bolster” is to provide support or give a boost, then let’s do that! Let’s boost the security measures and lets be honest about all of it. The more we can be honest about it the more we can change the environment and the playing field across the board. Aren’t we all worth that?