Government // Cybersecurity
Commentary
7/14/2014
09:06 AM
Steve Jones

Government Security: Saying 'No' Doesn't Work

It's time for government agencies to move beyond draconian security rules and adopt anomaly analytics.

there is an employee who regularly downloads multiple documents late on Wednesday evenings? Do they work flexible hours, or are they planning on joining a competitor and stealing your intellectual property?

This is where data science comes in. Applying the same sort of analytics to its own data that the NSA applies to external data would have identified Edward Snowden as an outlier very early on. Data science -- specifically, anomaly analytics -- helps to find what isn't normal. It can be applied to procurement fraud, tax yield management, cyber security, and more, and it brings more adaptive methods to deal with new threats rather than adding more bolts once the horse has left the barn. The goal of anomaly analytics is to let you know when the bolt is being rattled before the horse decides to run with another jockey. It's about finding out what could be a problem and then having processes in place to handle that.

How is this done? First, data scientists within an organization need to establish what constitutes "normal" employee behavior by analyzing a host of different variables over a period of time to identify how the majority of staff members complete tasks on a day-to-day basis. Then, by running an analysis on those findings, employee profiles that do not correspond to those typical behavioral patterns can be flagged.
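The baseline-then-flag approach described above, as an added sketch that is not from the original article: it totals each user's off-hours document downloads and scores them against the population with a median/MAD modified z-score. The user names, log entries, 08:00-18:00 business hours and 3.5 threshold are all assumptions made for the example.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, median

# Constructed sample log (not real data): (user, timestamp, documents downloaded).
EVENTS = [
    ("alice", "2014-07-01T10:15", 4), ("alice", "2014-07-02T19:05", 1),
    ("bob", "2014-07-01T09:30", 3), ("bob", "2014-07-03T18:40", 2),
    ("carol", "2014-07-02T14:00", 5),
    ("dave", "2014-07-02T07:30", 3), ("dave", "2014-07-03T11:00", 2),
    ("erin", "2014-07-01T16:45", 6), ("erin", "2014-07-04T20:10", 1),
    ("frank", "2014-07-03T13:20", 2), ("frank", "2014-07-04T06:50", 2),
    ("grace", "2014-07-01T11:00", 4),
    ("heidi", "2014-07-02T22:30", 25), ("heidi", "2014-07-09T22:45", 30),
    ("heidi", "2014-07-16T23:10", 20),  # three consecutive Wednesday evenings
]

def off_hours_totals(events, start=8, end=18):
    """Per-user count of documents downloaded outside start..end o'clock."""
    totals = defaultdict(int)
    for user, ts, docs in events:
        hour = datetime.fromisoformat(ts).hour
        totals[user] += docs if (hour < start or hour >= end) else 0
    return dict(totals)

def robust_scores(totals):
    """Modified z-score per user. Median and MAD define "normal" so that
    one heavy user cannot inflate the baseline as a mean/stddev would."""
    values = list(totals.values())
    med = median(values)
    deviations = [abs(v - med) for v in values]
    scale = 1.4826 * median(deviations)
    if scale == 0:  # over half the users identical: use mean deviation instead
        scale = 1.2533 * mean(deviations)
    return {u: (v - med) / scale if scale else 0.0 for u, v in totals.items()}

def flag_outliers(events, threshold=3.5):
    """Users whose off-hours volume sits far above the population baseline."""
    scores = robust_scores(off_hours_totals(events))
    return sorted(u for u, s in scores.items() if s > threshold)

if __name__ == "__main__":
    print(flag_outliers(EVENTS))
```

A flagged user is a lead for review rather than a finding: the score cannot tell flexible hours from exfiltration, which is the question the article raises.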

Here's a specific example of how this requires governments to think differently: Government data analysts identify a coffee shop that is running more money through the tills than what is classified as normal, and the owner is linked to another shop opening elsewhere in the country. There is a possibility that this could be a front for money laundering, but how do you go about requesting a warrant or authorizing surveillance based on a potential future threat? The challenge of pinpointing insider threats and confirming that they are real is similar, but watching for suspicious patterns is a good starting point.

The security landscape is evolving, and we cannot rely on traditional methods to keep data and our constituents 100% safe. The "Just Say No" mentality within government security needs to evolve to become a driver for optimization, enabling the business of government to continue forward while effectively preventing rogue behavior. Anomaly analytics isn't rocket science, and with a robust, up-to-date IT infrastructure and a set of carefully applied algorithms, data breaches can be identified and dealt with quickly to prevent outliers such as Snowden from engaging in illegal activity.

Steve Jones is Capgemini's Group Strategy Director for Big Data and Analytics. He is the author of Enterprise SOA Adoption strategies and the creator of the Business Data Lake reference architecture, the first unified approach to big and fast data analytics. He has worked ...
Comments
Gary Scott,
User Rank: Strategist
8/12/2014 | 7:45:45 PM
Effective way to steal data
The most effective way to steal data is to have access to the hardware (hard drives and backup tapes). When it comes time to retire and dispose of old PCs and servers, equipment is usually moved from a secure area to a warehouse, storage area or unused office and ends up at a recycling facility.

Securing data requires securing access to digital data.  Have your hard drives and backup tapes shredded before they leave the secure area.