Info. assurance a matter of survival

SALT LAKE CITY'Information management, and information assurance in particular, may be more mundane than other software topics but it is part of the foundation of all systems, according to Kelly Miller, chief systems engineer of the National Security Agency.

'I can't say [IA] has been ignored, but it has been under-emphasized,' he said.

Miller, speaking to software engineers at the 18th annual Joint Services Systems and Software Technology Conference, adapted a saying of Charles Darwin to make his point. Where Darwin once said the creature that survives is not the smartest or the strongest but the one most adaptable to change, Miller said, 'In the Information Age we're faced with, the survivors will be those who have the most assured information.'

It takes the same skill set to defend networks as to exploit them, he said. But the emphasis is not equal'it only takes one vulnerability to exploit a system, but to protect a system all the vulnerabilities have to be guarded.

The global network is a 'national interest item,' he said. The size of the problem is breathtaking, with 20 million e-mails a minute zipping around the globe and 40 million voicemails left each hour. And supervisory control and data acquisition networks, used throughout the chemical and utilities industries, were developed years before the Internet and never designed to include computer security.

The biggest threat is spyware''the new spam,' Miller called it. A recent survey found that 87 percent of business PCs and 88 percent of consumers' computers are infected.

With a dearth of skilled professionals to address the challenge, Miller said a national strategy for IA needs to be created and executed.

'Our operations, organizations, laws and policies have not kept pace with this changing technology,' Miller said. 'The current defense is not effective. ' Not only are we not keeping pace, we're taking a step backwards.'


  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.