Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
How to share info in the age of WikiLeaks
Monday - 12/13/2010, 5:06pm EST
Federal News Radio
For better or for worse, we are now living in a world post-WikiLeaks.
Thomas McNamara, the former program manager for Information Sharing Environment, joined the DorobekINSIDER to talk about information sharing and what has changed.
McNamara said that the flow of information, including who gets what information, is important in understanding the sharing environment.
"Information sharing never envisioned a blanket application of information access where there were not control mechanisms in place to ensure that the info was flowing properly. Not only does it mean that the right information flows to the right individual at the right time but the right amount of information."
"One of the obvious mistakes in the control system is that huge volumes of info were generally referred to as mass data downloads were not being monitored and this would have shown up in a fully developed information sharing environment, as an anomaly, these generally get checked or should always get checked and this was missing."
In order to fully explain the issues with the information sharing environment, McNamara said it's important to understand what that environment really is.
"It's a new way of managing info to take account of the information revolution that occurred in the 1990s," McNamara said. "The best example of it is your credit card. When you use your credit card, you the individual get a certain amount of info that enables you to use the card. You don't get any more information than you need to use the credit card. The person at the store will use the credit card only gets the info that he or she needs to function in their capacity. The bank...gets information that it needs to fulfill."
"If you take that all the way through the international transfers, they only get the information they need to conduct the operations. Nobody gets all the information, and no one has generalized access to the system."
The example of the credit card is exactly how information sharing in the government should work. One of the other aspects of information sharing with credit cards that government information does not have yet is immutable auditing.
"Every transaction within the information environment (of a credit card) is immutably recorded and can be audited at any time to check in on anomalies, to verify that transactions occurred and that they were handled properly," McNamara said. "We haven't gotten that far as we set up this new information environment in the federal government but we're getting there. Until we get there, we'll have problems with info sharing."
McNamara said it may be too early to see the total impact of what WikiLeaks has on information sharing.
"I'm hoping that what it will do is emphasize and bring to the forefront what has been a major element in the entire information sharing effort over the years," McNamara said, "and that is the balancing of information access with information security. It's not easily done and it has to be continually monitored and updated because part of the problem was that the SIPRNet somewhat out of date in that respect."