By William Jackson
Mar 06, 2009
At the recent Black Hat Federal IT security conference in Arlington,
Va., former White House cybersecurity adviser Paul Kurtz called for a
public discussion of what he called taboo subjects. If we are to have a
comprehensive cybersecurity strategy, he said, we must begin thinking
about how to effectively integrate the intelligence community and
military services into the program.
A new war, somewhat akin to the Cold War, is simmering online, but the
nation has yet to develop a strategic plan for using military and
intelligence resources in defending its information infrastructure. This
is not to say that the intelligence community is not gathering large
amounts of information or that the Defense Department is not developing
the capacity to defend itself, and retaliate, online. But intelligence
data has not been integrated into the overall picture of what is going
on online, and there are no protocols for determining what constitutes
an act of cyber warfare and what the appropriate response would be,
"We need to have a public discussion," he said, on sharing intelligence
with law enforcement and the private sector and on the use of military
weapons in cyberspace.
At the same conference, some companies demonstrated tools that enable
secure information sharing, using cryptographic techniques that allow
data mining across multiple databases without compromising privacy.
Andrew Lindell, chief cryptographer at Aladdin Knowledge Systems, showed
how to ensure privacy on both sides of the search so that data is not
unnecessarily exposed to the searcher and the searcher does not have to
reveal what he is looking for.
"It's a trivial solution," possible with commercial technology, Lindell
Best Selling Security Books and More!