A major challenge of cyber security is the quantity of data that most organizations have. Many of the world’s most secure digital transactions occur online. And data is becoming harder to secure in other ways.
“Before I left government, I don’t think I ever really looked at digital security as a physical asset in my life,” said Alan Woodward, who led the U.S. Secret Service from 1994 to 1999. “It is now in my life and that makes it all the more important that I take care of it.”
There are three main kinds of data at risk: credit card numbers, Social Security numbers and credentials such as the work history of a specific person, including a university diploma and a driving record.
A new category called “sensitive” data was introduced last year. That broad category could include e-mail passwords, digital receipts or other data that would not be stolen but could be used to impersonate a person or access confidential information.
At the same time, the reality of people’s dependence on information technology presents a challenge for the government.
“Information technology is the greatest un-reformable national security liability of our generation,” said one senior DHS official, speaking on the condition of anonymity. “You have to think how to make it easy to protect and harder to misuse.”
The government is creating cyber security teams and putting new resources into protecting critical infrastructure, such as power grids, banks and airports, among others. Visit https://www.fortinet.com/consulting to learn all about cyber security.
A White House task force released an annual report that included recommendations to reduce cyber-attacks and foreign espionage, including ideas like better training for cyber security managers and making the Defense Department a lead agency for defending federal networks.
That task force focused on preventing the proliferation of harmful cyber weapons, but it included a relatively modest $8 million to $10 million in spending on enhancing security in federal agencies.
That number could go up if the Trump administration moves to work with Congress to allocate money for more comprehensive protection, said a U.S. government official who spoke on condition of anonymity to discuss internal planning.
A spokesperson for the White House’s Office of Management and Budget did not return a request for comment.
In the past, the Defense Department has stepped in to protect the nation’s infrastructure, like the nation’s electricity grids. The threat was a problem for the government since many grid-control systems are connected by water and power lines to computer systems. The departments of Homeland Security and Commerce have invested in building information technology for energy managers to keep track of the energy flows and respond more quickly to potential threats.
Some areas of infrastructure aren’t so heavily connected, and the Department of Homeland Security has a special unit to focus on protecting those parts of the nation, as well.
The government isn’t the only one trying to improve security. Private industry is also battling to keep a lid on information security threats.
“We are to some degree saying, ‘These are our systems and they are very important to us,'” said Jeff Zients, former White House chief economic adviser. “We are trying to find ways of sharing best practices that are trying to protect some of our most important systems.”