Feature
News
2/21/2008
12:15 PM
Connect Directly
RSS
E-Mail
50%
50%

CIOs Uncensored: Security Smarts

Pacific Northwest National Laboratory's defense-in-depth strategy involves seven layers of security.

"Thank goodness it wasn't us!"

We can't help it. Every time another nasty cybersecurity failure makes headlines, our eyes roll heavenward and we breathe a sigh of relief. Yet, while we have great empathy for the CIO at the enterprise that just got nailed, we know there's a bullet somewhere with our name on it.

Not just one bullet--millions of them. At Pacific Northwest National Laboratory, we deflect more than 3 million attacks on our Internet firewall every day--10% of the connection requests. During the same time, our e-mail system rejects more than 1.2 million messages from disreputable sources or because they're detected as spam. That's nearly 97% of the e-mail being sent via the Internet to the laboratory. And it's getting worse daily.

InformationWeek Reports

PNNL is a U. S. Department of Energy Office of Science national laboratory that's working to solve complex problems in energy, the environment, and national security. Our 4,000 staffers conduct fundamental research in the chemical, biological, materials, environmental, and computational sciences, and translate new discoveries into practical solutions to some of the most vital challenges facing our nation.

Pacific Northwest
National Laboratory

ESTABLISHED: In 1965 by the U.S. Department of Energy

STAFF: Approximately 4000

BUSINESS VOLUME (2007): $761 million

RESEARCH: Energy, environment, national security, and fundamental science for government, academia, and industry

PATENTS: 1,557, U.S. and foreign
That kind of work attracts a lot of interest, not all of it good. Attackers range from hackers to organized crime to foreign governments. The motives are economic, national security, or simply the challenge of attacking a government facility. The targets include intellectual property, customer data and other proprietary or business information, and personal information such as employee Social Security numbers.

Concurrent with the need to protect our sensitive information assets, we must also allow for appropriate and authorized sharing of data, scientific instruments, and computing resources with scientists around the world. Collaboration is an imperative of modern science, and IT enables effective and efficient partnering without regard to time or place. In addition, we have to ensure the availability of computing resources, including one of the world's largest supercomputers.

Cyberattacks are constantly evolving and increasingly sophisticated, making it impossible to get ahead of the perpetrators. To counter these attacks, the lab has deployed a defense-in-depth strategy with seven layers of protective measures. Each successive layer is designed to protect information and computing assets from attacks that get past the layers above.

Photograph by Mark Roberts

Previous
1 of 5
Next
Comment  | 
Print  | 
More Insights
The Business of Going Digital
The Business of Going Digital
Digital business isn't about changing code; it's about changing what legacy sales, distribution, customer service, and product groups do in the new digital age. It's about bringing big data analytics, mobile, social, marketing automation, cloud computing, and the app economy together to launch new products and services. We're seeing new titles in this digital revolution, new responsibilities, new business models, and major shifts in technology spending.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - August 27, 2014
Who wins in cloud price wars? Short answer: not IT. Enterprises don't want bare-bones IaaS. Providers must focus on support, not undercutting rivals.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Howard Marks talks about steps to take in choosing the right cloud storage solutions for your IT problems
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.