White House Responds To WikiLeak Breach With Security Policy Review8:19 PM EST Thu. Dec. 02, 2010
The U.S. government plans to take steps to address glaring holes in its security policy and cyber infrastructure in a comprehensive effort to prevent a recurrence of the recent WikiLeaks breach.
The multiagency effort includes the appointment of a new National Security Advisor as well as a thorough examination of how the Executive Branch shares and protects classified information.
"Our national security requires that sensitive information be maintained in confidence to protect our citizens, our democratic institutions, our homeland and our partners. Protecting information critical to our national security is the responsibility of each individual and agency granted access to classified information," a White House statement said Thursday.
Thus far, the focus on security includes the Dec. 1 hiring of Russell Travers, a deputy director at the National Counterterrorism Center, who will serve as the national security staff's senior advisor for information access and security policy.
In his position, Travers will lead the charge to identify and implement the structural reforms following of the WikiLeaks breach, including advising national security staff on corrective actions, mitigation and policy recommendations related to the breach.
Also in a move directly related to the WikiLeaks breach, the President's Intelligence Advisory Board (PIAB) will take an independent look at the means by which the Executive branch of government shares and protects classified information.
The PIAB plans to conduct a thorough examination of the government's security posture, focusing specifically on classified data leaks, while weighing the balance between the need to share and protect information.
The PIAB also plans to work with departments to raise awareness about the severity of the breach and insider threats in general and examine how prepared the government is to address the challenges of impending security threats, information sharing and transparency.
Meanwhile, security experts contend that in light of the size and scope of the WikiLeaks breach, it likely will be a matter of time before the insider is tracked down.
"I think that with the size of the leak it is going to be relatively simple to track down the source. There are some logs somewhere and this kind of access must have left evidence in some of them," said Amichai Shulman, chief security officer with Redwood Shores, Calif.-based security vendor Imperva. "Basically I think that this is an easy one that should have been detected a priori. Harder to investigate are incidents where a small number of very sensitive documents are leaking."
Next: Security Experts Weigh In On Insider Threats In Wake Of WikiLeaks
Meanwhile, security experts contend that the incident underscores the growing prevalence of insider threats, data theft and cyber attacks perpetrated by employees or contractors. Researchers at Imperva said that insider threats have increased 91 percent since 2009 based on an analysis of publicly-reported breaches.
Rob Rachwald, director of security strategy at Imperva said that many organizations are underprepared to address the risks that insiders pose to the reputation and integrity of their business, adding that file security is a "big deal" in protecting sensitive information.
"There are hackers out there, but IT history has shown that the rogue employee is also a threat," Rachwald said in an e-mail. "Organizations need to wake up to the complexities of internal threats, rather than simply relying n conventional IT security systems."