Intelligence Community IDs Cyber Concerns
Databases will determine activities in the future, and criminals want to exploit them.
Cyber is the prime concern of the intelligence community, Sean Kanuck, national intelligence officer for cyber issues, Office of the Director of National Intelligence, said today at the Global Identity Summit in Tampa. Not only is cyber an immense problem in itself, but it also pervades all other national security concerns, including biometrics.
Every identity problem is a cyber issue going forward, because biometric and biographic information is collected and stored virtually. These systems have immense usage and hence are large targets for malicious activities, Kanuck explained. The country is at a critical juncture where innovation and the inability to protect systems of national security importance is a real problem. Kanuck urged developers of biometrics systems to consider emerging technical standards, policy, privacy and international issues when conducting their work.
Trends observed by intelligence officials include convergence and "more." Convergence involves networks, protocol and devices. "More" has seven parts: more incidents, more disruptive or destructive events, more actors, more targets, more sophisticated, more collateral damage and more vectors.
The National Intelligence Council also sees several risks. One is how to carry out defense, which is no longer an intrusion/perimeter-defense situation. Kanuck stated that everyone needs to understand what they want to protect, from whom and why. Another risk is the bring-your-own-device trend that exposes networks to any vulnerabilities inherent on the platforms that individuals connect into them. Cloud poses another concern. It offers cost savings and functionality but results in outsourcing security. Systems operators also need to be aware of the possibility they could have to operate in a degraded environment.
Finally, anyone involved with cyber needs to consider the human element. Technological protections aren't enough.
Going forward, trust will remain a major issue. A large problem Kanuck identified involves trusting identities and information received in cyberspace. Already, a hacked Twitter account disrupted the stock market. Potential problems include unauthorized alterations to the no-fly list that could permit terrorists to board aircraft or false information placed in repositories. Increasingly, databases will determine who gets to do what. That makes them attractive to a lot of bad actors, Kanuck stated.
Another challenge is the Internet of Things, as the world learns how to manage the data these many devices will exchange on the periphery. Virtual identity and convergence also demands attention, as experts must determine how to match individuals to virtual identities one-to-one when necessary.