The new “Cyber Czar”

May 28, 2009

It was announced this week that President Obama will be creating a “cyber czar” to protect our computer networks.  This announcement further supports the comments of Dr. Joel Brenner who I heard speak a few weeks ago.  It is clear that at some point in the near future there will be government regulations on our businesses network security.  According to an article in the Washington Post, “The White House’s role will be to oversee the process, formulate policy and coordinate agencies’ roles, and will not be operational, administration officials have said.”  

To view the entire article go to http://www.washingtonpost.com/wp-dyn/content/article/2009/05/25/AR2009052502104.html

Advertisements

National Counterintelligence Executive Speech

May 21, 2009

I had the privledge of going to Los Angeles 2 weeks ago to hear Dr. Joel Brenner speak on the topic of network and data security.  It was a very small gathering and I got the opportunity to talk to him personally after the event.  We discussed the misconception that data loss is covered by a businesses insurance policy and that most businesses were unprepared to deal with a data loss.  During his speech he informed us that the Chinese and the Russians have already been seen in our electrical grids and in the networks of our major banks to illustrate how real of an issue this is.   He offered us some tips to protecting your companies network security which I’ll share below:  

  • Identify which information should be protected and for how long
  • Make sure to encrypt all extremely sensetive material 
  • To dispose of sensetive material, shred or make it unreadable
  • Do not leave vauable company information unattended in hotel rooms
  • E-mail and voicemail passwords must be protected and changed frequently
  • All sensitive materials must be removed from conference rooms and chalkboards and whiteobards erased after meetings
  • Where possible, conduct background investigations on all individuals with access to sensitive information
  • Obtain nondisclosure agreements from employees, vendors, and others with access to proprietary information

These tips were taken from the Department of National Intelligence document Safeguarding Information for the Security Professional.  You can get to their website here.