By William Jackson
June 22, 2010
It might sound like heresy, but information sharing is overrated, said
Tony Sager of the National Security Agency.
IT security officials already are overloaded with information, Sager
said. As chief of the vulnerability analysis and operations group in
NSA's Information Assurance Directorate, which runs Red Team penetration
tests, Sager has generated his share of security information over the
past 33 years. But that data often contributes little to improving the
security of government IT systems, he said Tuesday at the Symantec
Government Symposium on IT security in Washington.
"Dumping our inboxes at each other is not going to cut it," Sager said.
"Being at the right meeting is not going to do it. The key to success in
IT security is information management." E-mail exchanges and meeting
attendance don't scale, he noted; an agency official can't increase them
indefinitely as the demand rises.
Information management means getting the right information into the
hands of those who need it. That requires not data dumps, but standards
for tools that can analyze data and make it available irrespective of
its source; standards such as the Security Content Automation Protocol,
jointly developed by the NSA, the National Institute of Standards and
Technology and the private sector.