We all understand the idea of "Plan A" and "Plan B". Plan A is the plan we put in place that is meant to work as planned. In security, it is the plan we hope will ensure the CIA (Confidentiality, Integrity, and Availability) triad is in place. We put a lot of effort into Plan A, and then the more intelligent among us will put some effort into a Plan B. This is the plan we switch over to in the event Plan A fails.
This is generally the "damage control" mode plan. This is the plan we all hope we never have to go to, since by this point something very bad has happened. This could be something like...say perhaps...all of our national secret and top secret information getting leaked on a website.
That can be a really bad thing...
By now we are all probably keenly aware that the masterminds behind the WikiLeaks website have decided that information must all be publicly shared no matter what. Someone asked me my opinion about this several days ago....if I thought it was a good thing of bad thing...and my response was simple. I do not have an opinion about it being a good thing or bad thing. What I do know is that it is something that exists, and we must now figure out a way to deal with it, because it is NOT going to go away...EVER! It is like winter in Cleveland...deal with it.
I know this may sound harsh, but that is what we are facing. We live in an age where information ebbs and flows (and overflows) like water in an ocean. It comes to us as a gentle and calm breeze, or as a hurricane. It drifts down like snowflakes, or comes crashing down like an avalanche.
Okay...enough analogies...you get the picture. The truth is, we simply no longer have the control of information we once thought we had. The very nature in which we communicate today has created an environment were massively scalable information storms can occur. In the "good old days" we communicated by sending letters and talking. Today we communicate by generating data that gets pumped into "The Cloud", and then BLINDLY trust that it will only get to the intended recipients and nobody else.
Isn't that cute...
The Plan A way of dealing with information has been to protect the confidentiality, integrity, and availability of the information for as long as information has been important to us (essentially forever, but perhaps more so today in the information age). While we have created some absolutely fantastic systems for insuring both the integrity and availability of information over the last several decades, it seems that the very systems we have built have made it increasingly more difficult to insure confidentiality. Through the application of Moore's Law we have created systems with insane amounts of processing power, and have driven down the cost of these systems to almost nothing (I say almost nothing because you can find computers for free these days...at least in the San Francisco Bay Area), meaning that anyone can get their hands on the tools needed to both obtain and distribute information. There was a time when getting confidential information meant breaking encryption or applying brute force or dictionary attacks on systems. While this is still true today, we now live in a world where there are so many people accessing systems throughout the world, we no longer need to break into systems to get a hold of sensitive information. Today somebody who has authorized access to information either copies it or sends it into the cloud for all to consume. What makes this so difficult to control is that there are so many who have access to information, and either through direct access or aggregation the information can be assembled into nice little information bombs.
In other words, confidentiality has become nearly impossible to both achieve and manage.
This makes Plan A an incredibly difficult plan to manage, and certainly makes our reliance on Plan A more and more difficult to justify from a due diligence/due care perspective. We simply live in an age where we MUST assume compromise. We must accept the fact that, at some point, confidentiality goes out the window. Time to look at Plan B.
I am not sure what the US Government is doing with respect to Plan B. I saw an article where the US Government is warning college students to not talk about WikiLeaks...or else. I see some efforts to shut down the WikiLeaks site, and cut off funding sources. I imagine these are all some valid steps to take...in an act of desperation. Okay, maybe it is not desperation, but it certainly seems desperate. I mean...c'mon...do we really believe this is going to do anything more that irritate a bunch of college students who already do not like our government to begin with, and who are perhaps infinitely more savvy about the information age?
I am fairly certain that Plan B has not been given the level of attention it should have been given. It is very difficult for people who are intelligent AND arrogant (a bad but common combination) to consider the possibility that their best laid plans may have a fatal flaw. Consequently, anything more than a cursory level of attention to Plan B is considered an admission that maybe they are not as smart as they think they are. Perish the thought!
The truth is, Plan B has ALWAYS been more important than Plan A. By the time you get to point where you need to use Plan B, things have generally gotten very bad. This is now the time were you must not only figure out how to keep things operational, but also undo the damage that caused Plan A to fail. This is the "do or die" moment.
We certainly need to continually focus on protecting information. We do indeed have systems and methods available to us today that can buy us some time in the race between those who need to protect information and those who want to uncover it. We simply need to understand that at some point the information we so dearly protected is likely to be become publicly available, and use that mentality to weather the information age. It may take some time, but I am sure we will eventually get to a point where we can deal with this...much like I dealt with 21 years of Cleveland winters.
5 comments:
This was a great article Mike and is exactly what I am in the middle of in reference known security issues in the smart grid. I break it down as "pre-Plan A", needed deployment of immediate security solutions, "Plan A" deployment of current security with methods to immediately changing the security and "Palm B" shut the doors, shut up and prepare "Plan B".
As we both know in many cases we are still in "pre-Plan A. I could tell you about a lot of these security issues but I have a greater respect for "loose lips sink ships" than I used to. As I fight to get known security solutions recognized I keep looking for that room where I can just shut the door with some responsible people and get the job done. That of of course would put responsibility before profit which is hard to do now a days. I look forward to Smart Grid Security East. Let find a place to shut the doors and talk about "Plan pre-A, A and B?"
The real way to have a good plan B is to ensure that all of your minorities are kept happy, that way they won't revolt and leak informaiton. Or make real sure that they are on board with the political culture of your organization.
Hazen,
Let me give you an example how the US "kept minorities happy." My daughter served her US Naval deployment by working in a country in Africa making sure pirates did steal food from ships coming into port. If that food didn't get there it would starve the surrounding counties for months and some times years. This is just one of many good things done by the US in trying to keep the whole world of happy. Lets see if WikiLeaks this.
Hazen,
I do not believe the level of happiness among minorities has any more bearing on information leaking than any of a number of other reasons. Greed, thrills, and general stupidity probably lead to more leaks than anything else. There are plenty of non-minority status people who are unhappy as well. I also do not see how this is an effective Plan B. If Plan A (protecting confidentiality in this case) fails, then how does making the minorities feel happy rectify the damage caused by information leaks? If anything, you are offering an additional layer to Plan A, and I doubt the effectiveness of it.
Thanks for the post Larry;
Just as an example, he would not have been able to leak any information if the Two man rule was enforced.
And by Minorities, I mean minorities within the Ranks; both visible; cultural and any other divide you can think of. If you look at the change in stance in regards to "Don't Ask Don't Tell"; it's clear that if you don't appease your own first, they will appease themselves.
Post a Comment