Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CIO pushes network-centric warfare

From: InfoSec News <isn () c4i org>
Date: Thu, 30 Aug 2001 00:41:44 -0500 (CDT)
Forwarded from: Dave Dittrich <dittrich () cac washington edu>


It will mean that "anybody can get any information at any time,"
Stenbit said in a meeting with reporters Aug. 24. He took over the
CIO post Aug. 7.
 . . .
Finally, Stenbit said he is going to focus on the reliability of
information systems. "Once we start depending upon them, wed better
make sure theyre there," he said.


I'm glad to hear that he is at least saying up front that reliance on
digital information for targetting is a huge potential risk. Consider
what would happen if your enemy can change GPS data or targeting
sensor data to make your systems think THEIR capitol city is really
YOUR capitol city!  "Identify friend or foe" doesn't work when your
sensor data can be made to lie about who "foe" is.


Overall, he said that information technology can help free up
money from the non-fighting arm of the military, thereby making
more money available for force structure and modernization.


This part scares me.  I believe that this is one of the fundamental
problems with the dot-gone economy, where C{TIE}O's consider their
application of technology to "free up money" that can be spent
elsewhere (e.g., huge travel budgets, huge executive signing bonuses
and golden parachutes, huge executive salaries, a larger emphasis on
marketing above engineering, etc.)

I believe that the flaw in the logic here is that the application of
technology ITSELF comes with hidden costs (in the form of security
needs), and does not have nearly the effect on "freeing money" that
non-technical and overly optimistic CIOs believe.  The end result is
that risk exposure is increased, preventative measures and sound
engineering (which include security from step one) do not take place,
and the legal system is used as a band-aid to cover up the hemoraging
that results.

--
Dave Dittrich                           Computing & Communications
dittrich () cac washington edu             University Computing Services
http://staff.washington.edu/dittrich    University of Washington

PGP key      http://staff.washington.edu/dittrich/pgpkey.txt
Fingerprint  FE 97 0C 57 08 43 F3 EB 49 A1 0C D0 8E 0C D0 BE C8 38 CC B5



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: