Government // Cybersecurity
News
2/26/2014
12:36 PM
100%
0%

NSA Scandal Darkens Cloud Discussions At RSA

From Europe's efforts to create regulations for data localization to worries over the security of the cloud, the leaks of the past eight months have cast a shadow over cloud providers.

RSA CONFERENCE -- San Francisco -- Last summer's revelations of the extent to which the US National Security Agency (NSA) collected data on American and foreign targets has caused rifts between global businesses that are hindering efforts to secure the cloud, said Richard Clarke, CEO of Good Harbor and a former US cyberczar, at the Cloud Security Alliance (CSA) Summit on Monday.

The steady leak of documents during the past eight months detailing the operations of the NSA intelligence collection activities has damaged both US policy efforts abroad and the business of a variety of multinational companies, especially cloud providers. Efforts to implement strong security guidelines for the cloud will have to overcome efforts by other nations to implement data residency restrictions to hinder competition, Clarke said.

[For more from RSA, see RSA Conference 2014: Complete Coverage.]

"Non-US companies are using the NSA revelations as a marketing tool," he said. "There is a great deal of hypocrisy in all of this. People are suddenly amazed that intelligence agencies were collecting intelligence."

Requirements to force cloud providers to keep data in the country of origin and not allow data to transit through the US amount to technological nationalism and, worse, do not make the data any appreciably safer, Clarke said. Data hosting in Europe will be just as easy to get access to as data hosted in the US or another country, Clarke said.

Read the rest of this story on Dark Reading.

Robert Lemos is a veteran technology journalist of more than 16 years and a former research engineer, writing articles that have appeared in Business Week, CIO Magazine, CNET News.com, Computing Japan, CSO Magazine, Dark Reading, eWEEK, InfoWorld, MIT's Technology Review, ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Marilyn Cohodas
100%
0%
Marilyn Cohodas,
User Rank: Author
2/28/2014 | 3:37:09 PM
Re: good RSA insight for those of us not there
It's an insult to everyone's intelligience for Clarke to dismiss the uproar as simple naivite' that "people are suddenly amazed that intelligence agencies were collecting intelligence." It's the scale and lack of appropriate oversight that is so shocking. That and the fact that a government contractor could so easily abscond with all that classified information in the first place. 
IMjustinkern
50%
50%
IMjustinkern,
User Rank: Strategist
2/28/2014 | 11:17:11 AM
Re: good RSA insight for those of us not there
Mr. Clarke ... "your winnings, sir.
J_Brandt
50%
50%
J_Brandt,
User Rank: Ninja
2/27/2014 | 7:34:11 PM
Re: good RSA insight for those of us not there
I don't think it's so much being shocked at the intelligence gathering, it's the sudden realization of how much data everyone is leaking without their even being aware of it.
Drew Conry-Murray
100%
0%
Drew Conry-Murray,
User Rank: Ninja
2/27/2014 | 11:31:29 AM
Re: good RSA insight for those of us not there
That comment jumped out at me too. Of course intelligence agencies collect data. The question is, what lengths will they go to? The revelations that the NSA sought to weaken encryption standards is a legitimate cause for outrage. That said, I agree with Clarke that residency restrictions wouldn't do much for security.
Thomas Claburn
100%
0%
Thomas Claburn,
User Rank: Author
2/26/2014 | 5:02:35 PM
Re: good RSA insight for those of us not there
What's amazing is how the administration bends the law around the contours of its intelligence gathering. If it were only terrorism-related intellgence gathering going on, it wouldn't be an issue. 
IMjustinkern
50%
50%
IMjustinkern,
User Rank: Strategist
2/26/2014 | 1:39:05 PM
good RSA insight for those of us not there
Especially love this quote: "People are suddenly amazed that intelligence agencies were collecting intelligence."

While I agree with Clarke's statements in part, I think the real amazement is HOW the intelligence is being collected and WHAT they're going after (i.e. everything). 

Looking forward to more gems like this, especially from RSA themselves.
Cyber Security Standards for Major Infrastructure
Cyber Security Standards for Major Infrastructure
The Presidential Executive Order from February established a framework and clear set of security standards to be applied across critical infrastructure. Now the real work begins.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Nov. 10, 2014
Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.