Government Security: Saying 'No' Doesn't Work - InformationWeek
7/14/2014
09:06 AM
Steve Jones

Government Security: Saying 'No' Doesn't Work

It's time for government agencies to move beyond draconian security rules and adopt anomaly analytics.

there is an employee who regularly downloads multiple documents late on Wednesday evenings? Do they work flexible hours, or are they planning on joining a competitor and stealing your intellectual property?

This is where data science comes in. Applying the same sort of analytics to its own data that the NSA applies to external data would have identified Edward Snowden as an outlier very early on. Data science -- specifically, anomaly analytics -- helps to find what isn't normal. It can be applied to procurement fraud, tax yield management, cyber security, and more, and it brings more adaptive methods to deal with new threats rather than adding more bolts once the horse has left the barn. The goal of anomaly analytics is to let you know when the bolt is being rattled before the horse decides to run with another jockey. It's about finding out what could be a problem and then having processes in place to handle that.

How is this done? First, data scientists within an organization need to establish what constitutes "normal" employee behavior by analyzing a host of different variables over a period of time to identify how the majority of staff members complete tasks on a day-to-day basis. Then, by running an analysis on those findings, employee profiles that do not correspond to those typical behavioral patterns can be flagged.
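The two steps described above (build a baseline of normal behavior, then flag profiles that depart from it), as an added example that is not from the original article. The download log, user names, business hours and the 3.5 threshold are constructed assumptions; scoring uses the median-based modified z-score so that the outlier itself does not distort the baseline.

```python
from collections import defaultdict
from statistics import mean, median

# Constructed sample log: (user, ISO weekday 1=Mon..7=Sun, hour, documents downloaded)
EVENTS = [
    ("alice", 1, 10, 4), ("alice", 2, 14, 5), ("alice", 3, 11, 3), ("alice", 4, 15, 4),
    ("bob", 1, 9, 6), ("bob", 3, 13, 5), ("bob", 4, 16, 4), ("bob", 5, 11, 5),
    ("carol", 1, 12, 5), ("carol", 2, 10, 3), ("carol", 3, 15, 6), ("carol", 5, 14, 4),
    ("dave", 1, 11, 5), ("dave", 2, 19, 2), ("dave", 4, 10, 4), ("dave", 5, 15, 6),
    ("erin", 2, 10, 4), ("erin", 3, 21, 38), ("erin", 3, 22, 41), ("erin", 4, 11, 3),
]
WORK_HOURS = range(8, 18)  # assumed business hours, 08:00-17:59
THRESHOLD = 3.5            # assumed cut-off for the modified z-score

def profiles(events):
    """Step 1: summarise each user's behaviour as numeric features."""
    feats = defaultdict(lambda: {"total_docs": 0, "off_hours_docs": 0})
    for user, _weekday, hour, docs in events:
        feats[user]["total_docs"] += docs
        if hour not in WORK_HOURS:
            feats[user]["off_hours_docs"] += docs
    return dict(feats)

def modified_z(values):
    """Score each user against the peer median instead of the mean."""
    med = median(values.values())
    dev = {u: abs(v - med) for u, v in values.items()}
    mad = median(dev.values())
    # When most peers share one value the MAD is 0; fall back to the
    # mean absolute deviation so the score stays defined.
    scale = 1.4826 * mad if mad else 1.2533 * mean(dev.values())
    return {u: (v - med) / scale if scale else 0.0 for u, v in values.items()}

def flag_outliers(events, threshold=THRESHOLD):
    """Step 2: flag users whose profile departs from the peer baseline."""
    feats = profiles(events)
    flagged = defaultdict(dict)
    for name in ("total_docs", "off_hours_docs"):
        scores = modified_z({u: f[name] for u, f in feats.items()})
        for user, z in scores.items():
            if abs(z) > threshold:
                flagged[user][name] = round(z, 2)
    return dict(flagged)

if __name__ == "__main__":
    print(flag_outliers(EVENTS))
```

A flag here only marks a profile for review: the same score fits flexible working hours as well as data theft, which is why the article pairs detection with a process for handling what is found.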

Here's a specific example of how this requires governments to think differently: Government data analysts identify a coffee shop that is running more money through the tills than what is classified as normal, and the owner is linked to another shop opening elsewhere in the country. There is a possibility that this could be a front for money laundering, but how do you go about requesting a warrant or authorizing surveillance based on a potential future threat? The challenge of pinpointing insider threats and confirming that they are real is similar, but watching for suspicious patterns is a good starting point.

The security landscape is evolving, and we cannot rely on traditional methods to keep data and our constituents 100% safe. The "Just Say No" mentality within government security needs to evolve to become a driver for optimization, enabling the business of government to continue forward while effectively preventing rogue behavior. Anomaly analytics isn't rocket science, and with a robust, up-to-date IT infrastructure and a set of carefully applied algorithms, data breaches can be identified and dealt with quickly to prevent outliers such as Snowden from engaging in illegal activity.


Steve Jones is Capgemini's Group Strategy Director for Big Data and Analytics. He is the author of Enterprise SOA Adoption strategies and the creator of the Business Data Lake reference architecture, the first unified approach to big and fast data analytics. He has worked ...
Comments
Gary Scott,
User Rank: Moderator
8/12/2014 | 7:45:45 PM
Effective way to steal data
The most effective way to steal data is to have access to the hardware (hard drives and backup tapes). When it comes time to retire and dispose of old PCs and servers, equipment is usually moved from a secure area to a warehouse, storage area or unused office and ends up at a recycling facility.

Securing data requires securing access to digital data.  Have your hard drives and backup tapes shredded before they leave the secure area.