Former CIA/NSA Head: Cyber Security Threats "Horribly Over-Classified"
October 7, 2011 11:35 AM
comment(s) - last by
Former head of the National Security Agency and CIA and retired U.S. Air Force Gen. Michael Hayden
Ex-head of the National Security Agency and CIA and retired U.S. Air Force Gen. Michael Hayden said federal agencies need to open up to public and private industry to address cyber threats
climbs its way up the priority list after 2011's string of attacks against government and corporate systems, U.S. government agencies and companies struggle to find a happy medium between excessive secrecy and too much disclosure regarding the handling of such issues.
Going one way or the other can have severe repercussions. Excessive secrecy can stifle cyber defense, as too much focus could be placed on an issue that was already resolved elsewhere. If you keep it secret, someone who might know how to fix it cannot do so. Too much disclosure, on the other hand, gives hackers what they need to work around security systems.
So what's a company to do? According to former head of the National Security Agency and CIA and retired U.S. Air Force Gen. Michael Hayden, information regarding cyber attacks are "over-classified" and releasing only necessary information without being too descriptive could be helpful in creating an educated, open forum of
how to deal with these problems
"This may come as a surprise, given my background at the NSA and CIA and so on, but I think that this information is horribly over-classified," said Hayden. "The roots to American cyber power are in the American intelligence community, and we frankly are quite accustomed to working in a world that's classified. I'm afraid that that culture has bled over into how we treat all cyber questions."
U.S. President Barack Obama released a memo in January 2009 telling federal agencies to
work more closely with public and private industry
on important matters, allowing for greater government transparency. According to Army Col. Rivers Johnson, U.S. Cyber Command has been compliant with the president's demands.
"It's important to note that both NSA and USCYBERCOM continue to be committed to open government and transparency in accordance with the President's 21 January 2009 Memo," said Johnson. "We also have a responsibility to ensure classified and sensitive information is protected in accordance with applicable laws and policies."
"What's happened is, the accumulation of those individual, discrete, maybe correct decisions has created a consequence in which the overall effect is greater than the harm that would have been created by reviewing the individual decisions," said Hayden. "Collectively, what you've got is an uninformed public, and what you've got is a private sector that doesn't understand the precise nature of the threat they're up against."
This article is over a month old, voting and posting comments is disabled
Don't Ask, Don't Tell
10/7/2011 4:11:45 PM
"Don't Ask, Don't Tell."
It doesn't work as a security posture.
It is possible to keep the contents of a system secure and classified even without keeping the security measures and system architecture secret.
The problem with the "it's classified" line is that it is used to hide problems, not fix them.
A good lock is one that is hard to open without the key
even when you know exactly how the lock works.
Keeping the lock design secret doesn't make it a better or more secure lock.
What the government is basically saying is that because the contents of the vault are classified, people who don't have classified clearance aren't allowed to fix the vault. In addition people who DO have classified clearance aren't allowed to discuss problems with the vault with other vault experts who may not have clearance. It's dumb. But it
"Well, we didn't have anyone in line that got shot waiting for our system." -- Nintendo of America Vice President Perrin Kaplan
DHS Conducts Cyber Security Simulations to Aid Private Industries
October 3, 2011, 9:36 AM
Companies "Pwned" in Hacking Contest, Cyber Security Skills Lacking
August 8, 2011, 5:37 PM
Global Cyber Security Push is Underway
July 6, 2011, 7:28 AM
Amazon's New "Pantry" Service to Compete with Costco, Sam's Club
December 13, 2013, 11:26 AM
Quick Note: Former Googler Becomes Director of U.S. Patent and Trademark Office
December 12, 2013, 10:42 AM
AT&T Launches U-verse with GigaPower Network in Austin, Texas
December 11, 2013, 5:14 PM
Harlem to Receive U.S.' Largest Free Wi-Fi Network
December 11, 2013, 11:48 AM
Google's First Asian Data Centers Now Operational
December 11, 2013, 8:50 AM
Seattle's High-Speed Internet Rollout Delayed Due to Financial Issues
December 10, 2013, 12:14 PM
Most Popular Articles
Experts: Masturbation Prevents Cancer, Diabetes, Insomnia, and Depression
December 6, 2013, 2:01 PM
Report: Windows 8.2 Revives Start Menu, Runs Metro Apps in Desktop Mode
December 10, 2013, 2:56 PM
Hackers Nab 2 Million Login Credentials from Facebook, Gmail, Twitter
December 5, 2013, 1:00 PM
Houses Passes "Anti-Troll" Innovation Act With Pro-Apple, Microsoft Edits
December 9, 2013, 8:55 PM
Thieves Steal Truck with Cobalt-60 Onboard in Mexico, Will Die "Without a Doubt" from Exposure
December 5, 2013, 12:04 PM
Latest Blog Posts
Justice Leaks Details of Next HTC One Two Flagship Phone
Dec 5, 2013, 4:04 PM
Global Cyber Espionage Concerns Reveal Growing Cyber Armies
Nov 29, 2013, 11:04 AM
Is The Period Becoming an Expression of Anger?
Nov 26, 2013, 2:02 PM
NSA and Congress -- You Will Never Kill the Constitution, It's an Idea
Nov 10, 2013, 2:00 PM
AT&T Explores $100B+ USD Deal to Acquire Vodafone's European Operations
Nov 4, 2013, 7:34 AM
More Blog Posts
Copyright 2013 DailyTech LLC. -
Terms, Conditions & Privacy Information