Security experts from Lancope, Tripwire and SecureChannels commented this afternoon on news of the CIA’s new Directorate of Digital Innovation unit.
TK Keanini, CTO, Lancope (www.lancope.com):
“Is anyone surprised here? The Internet has changed everything we do: how we arrange for taxis, how we do grocery shopping, how we socialize, and how nations go about their spy programs. This is an old trade craft just adapting to changes that have cut deep into our lives.
It is important to note that the United States are not the only ones investing heavily into cyber capabilities and let’s hope that we are at least in the top three when it comes to the tradecraft.”
Lamar Bailey, director of security R&D, Tripwire (www.tripwire.com):
“It is a common practice in law enforcement to share resources with other agencies. For example in Georgia, most counties rely on the GBI for forensics work but the GBI can get backed up so a few counties have now formed their own CSI labs to handle their workload. The same happens with government agencies and some like the NSA are very good at researching cyber crimes and events so the data and results are shared with other agencies. The FBI sees the ever increasing need to have digital domain experts and agents at its disposal so it will be good to see them invest these resources to help police the cyber world.”
Ken Westin, senior security analyst, Tripwire (www.tripwire.com):
“I think a lot of people will be thinking ‘don’t they already do this?’ By formally setting up a division focused on data mining and cyber espionage the primary purpose is to better allocate resources and to increase operational efficiencies with other divisions. There are still a lot of outstanding questions with regards to where the CIA ends and the NSA begins, particularly when it comes to domestic surveillance programs. There is still a great deal of overlap with regards to data and systems these agencies can access, so it will be important to have proper oversight to limit their capabilities and the data they can access as well as the techniques used. Unfortunately very little information has been provided regarding how the powers of these agencies will be restricted and monitored for abuse, which is a critical factor the government needs to address in order for the American people to feel comfortable with these programs.”
Richard Blech, CEO, Secure Channels (www.securechannels.com):
“CIA Director John O. Brennan told reporters at CIA headquarters that the agency had been slow to adapt to the challenge of digital espionage….You think? The reality is hackers are nimble and unregulated while the government is slow and extremely regulated. What is left? TECHNOLOGY. It is time for the leaders of the technology cyber industry to step up, after all isn’t solving problems the very definition of technology? The government is mired down in politics and red tape. Brennan feels they won’t need new personnel to accomplish this? Really, have the existing personnel suddenly become technology experts? Protecting ourselves and our country needs to be an open conversation involving the cybersecurity industry that is not in the same quagmire as the CIA and the rest of the government. Form a committee of the top experts and let’s start cutting through the red tape.”
Webinar By Duo Security: Securing Apps and Data in the Cloud and On-Premises (March 11, 2015 at 10 am PST / 1 pm EST)