Forwarded from: kelley <kwalker2at_private> http://www.us.net/signal/CurrentIssue/Jan02/low-jan.html Low-Tech Humans Subvert High-Tech Information Assurance By Col. Alan D. Campen, USAF (Ret.) SIGNAL Magazine 2002 TEXT BLURB The tragic events of September 11 provide ghastly substance to the metaphor of asymmetric warfare. And, they add credence to prescient but nebulous warnings of threats to homeland security and concomitant vulnerabilities of critical infrastructures. While public switched networks (PSNs), cellular telephones, wireless networks and the Internet--the backbone and heart of the U.S. information infrastructure--were not prime targets, the cascading consequence of collateral damage to information systems was laid bare. The information infrastructure was found wanting in support to intelligence collection, law enforcement, disaster mitigation and recovery efforts. A shortfall in network capacity, single-node sensitivity and the lack of interoperability among police, fire and first responder networks exposed gaps in the road to information assurance that cannot be filled solely with new technology, firewalls, anti-virus patches or cryptography. A once indifferent but now belatedly aroused public clamors for government action, so money will be provided--perhaps thoughtlessly. The Information Technology Association of America proposes spending $10 billion for information technology (IT) security, and Senator Joseph Lieberman (D-CT) proposes a $1 billion IT fund to jump-start some of the more pressing security requirements in government and the private sector. But these resources may be wasted in fruitless quest of a technical silver bullet if we overlook problems created by humans who misuse available technology. The United States has yet to conduct a comprehensive national threat assessment of its information systems. Nevertheless, the ability to transact business, operate government and respond to physical, chemical, biological or nuclear attacks will be constrained by the capacity, accessibility, reliability and security of the information infrastructure. [...] - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Mon Jan 21 2002 - 03:47:31 PST