Overprotection Threatens Effective Cyber Operations
Too much data security can be as much of a problem as too much secrecy when it comes to cyberspace operations.
The emphasis on protecting data is fouling networks and preventing effective security, according to panelists at TechNet Asia-Pacific in Honolulu, Hawaii. This approach to data security must be changed to reflect the new realities of cyberspace and increasing use of new information technologies.
Terry Halvorsen, Department of the Navy chief information officer, cited a German military official, saying: “If you try to protect everything, you protect nothing.” He called for the military to stop protecting data that it must give away anyway, such as information that must be publicly available by law.
Col. A.G. Hatcher, USAF, director of communications (A-6), Pacific Air Forces, agreed that the force cannot protect every bit of data. He cited the need for the right level of training to defend the network adequately.
Halvorsen added that overprotected data slows its delivery. He called for establishing a definition of data value.
Brig. Gen. Kevin Nally, USMC, director of C4 for the Marine Corps, called for prioritizing data and building enclaves around what is necessary to protect. He added that forces must build a resiliency plan because it is not really possible to defend the Internet.
