Paying for Non-Secrets

Uploaded on 2015-06-22 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

george_tenet_911_1.jpg

Former Director of Central Intelligence George Tenet famously said when asked about so-called open source (unclassified) intelligence, “we only pay for secrets.” He spoke with the confidence of a man born and raised in the world of the 20th century spy and the Cold War. 

With the massive leak of government employee information from the Office of Personnel Management (OPM), Director Tenet’s statement has been proven quite wrong for the 21st century. China and others are willing to pay for “non-secrets” and they matter.

As data breaches go, the OPM break in was not the biggest one experienced in the past few years. Target, JP Morgan Chase and a few others were larger in breath and scope. But, they did not contain information that could be used to target and engage in spying on the US government.

As an old spy, I wanted information. I wanted people’s background: where they live and had lived, who their relatives were, and what personal problems they might have. That way I could figure out how to develop a successful “relationship” with someone who would spy for me. And, also, target more successfully – not waste time on someone who did not matter. You see, the real trick is human intelligence is finding people with access to important people and their information. I don’t want to recruit the Secretary of State -- too big, too awkward to meet and not likely to be recruited. No, I want someone on his staff or someone who has access to his staff and especially their work product.

The OPM leak contains millions of personnel files that will help China do just that. Files on government employees and their contractors with a summary of their backgrounds and what programs they have access to is quite sufficient for my targeting purposes.

In the 21st century, information contained in files like OPM need to be treated like the old fashioned state secrets were. I am sure whatever investigation there is will turn up either woefully inadequate IT security, inside actions, or both. 
Welcome to 21st Century cyber conflict. Information is a weapon to use and target and cyber space is the battlefield. So far, if OPM is the indicator, the US government is getting skunked.
Ronald Marks President and Senior Partner, Intelligence Enterprises, LLC
LinkedIn: http://linkd.in/1RcRTYK

 

« Samsung Will Fix Security Hole in Galaxy Smartphones
Cyber Insurers Won’t Cover Data Breach »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

PrivateCore

PrivateCore

We protect data-in-use from hackers trying to steal data such as encryption keys, certificates, intellectual property.

Applied Security (APSEC)

Applied Security (APSEC)

APSEC provides products and services in the areas of encryption, digital signature, authentication and data loss prevention.

Puleng Technologies

Puleng Technologies

Puleng provides customers with a client-centric strategy to manage and secure the two most valuable assets an organisation has - its Data and Users.

GuardianKey

GuardianKey

GuardianKey is a solution to protect systems against authentication attacks.

IT Security Jobs

IT Security Jobs

IT Security Jobs is a dedicated portal for everything related to IT professionals looking for IT Security jobs.

Tapestry Technologies

Tapestry Technologies

Tapestry Technologies supports the Department of Defense in shaping its approach to cybersecurity.

Vention

Vention

Vention (formerly iTechArt) is the partner of forward-thinking tech leaders around the globe.

ByteSnipers

ByteSnipers

ByteSnipers specialize in penetration testings and secure development services. Our focus is on your security.

Stacklet

Stacklet

Stacklet provides cloud governance as code platform that accelerates how Global 2000 manages its security, asset visibility, operations, and cost optimization policies in the cloud.

Approov

Approov

Approov provides a comprehensive runtime security solution for mobile apps and their APIs, unified across iOS and Android.

MS Tech Solutions

MS Tech Solutions

MS Tech Solutions is a Jamaican-based, multinational consulting company that specializes in the architecture, implementation and management of key network and Information technologies.

SecureWeb3

SecureWeb3

SecureWeb3 helps businesses and brands to secure their Web3 presence by offering a full suite of security services including training, consultancy & brand protection solutions.

Lansafe

Lansafe

Lansafe stands as a leading managed service provider in the UK, seamlessly integrating IT, Telecoms, Security, Electrical and Cyber Security solutions.

Odaseva

Odaseva

Odaseva delivers the strongest data security solution for enterprises running on Salesforce, safeguarding confidentiality and integrity of critical business information.

LT Harper

LT Harper

LT Harper specialise in cyber security recruitment. We believe in providing an individualised service to our customers whether they are looking for a new opportunity or to hire talent.

EpicCyber

EpicCyber

Since 2011, Epic Cyber has pioneered the integration of enterprise cloud technology.