[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] CIA's Ex-CISO on Preventing Leaks
From: InfoSec News <alerts () infosecnews ! org>
Date: 2013-06-24 6:07:44
Message-ID: alpine.DEB.2.02.1306240607340.2582 () infosecnews ! org
[Download RAW message or body]
http://www.bankinfosecurity.com/interviews/cias-ex-ciso-on-preventing-leaks-i-1992
By Eric Chabrow
Bank Info Security
June 21, 2013
Robert Bigman, former CISO at the CIA, says many government agencies and
other organizations have yet to take adequate steps to prevent rogue
systems administrators from accessing sensitive information on systems
they manage.
"If you don't have vigorous security oversight, you tend to fall into the
trap like a lot of organizations do, that we will not have a problem and
everything will work out fine," Bigman says in an interview with
Information Security Media Group. He retired last year after 15 years as
the chief information security officer at the Central Intelligence Agency.
In the interview, Bigman shies away from discussing specifics about the
case of Edward Snowden, the former National Security Agency systems
administrator who leaked information regarding two classified
intelligence-gathering programs despite his top-secret security clearance
[see IT Tools Available to Stop NSA-Type Leaks]. But he offers advice on
how organizations can pull in the reins on systems administrators who have
wide access to many systems and data.
Too often, Bigman says, organizations focus on pumping up services by
increasing the number of systems administrators to assure round-the-clock
coverage. Testifying at a House Intelligence Committee hearing on June 18,
NSA Director Keith Alexander said the number of systems administrators at
the agency has grown to about 1,000, and its leaders are mulling reducing
that number to help improve security [see NSA Outlines Steps to Reduce
Leaks.]
[...]
_______________________________________________
ISN mailing list
ISN@lists.infosecnews.org
http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic