On October 7, 2011 President Obama issued an Executive Order (Structural Reforms to Improve the Security of Classified Networks and the Responsible Sharing and Safeguarding of Classified Information) “in order to ensure the responsible sharing and safeguarding of classified national security information (classified information) on computer networks”. This is as a result of the Wikileaks incident of last year. One of the major focus areas of the Executive order is to reduce the possible threat of insiders leaking classified information out of the government.
The Executive Order creates a number of Offices, task forces and steering committees to oversee and verify the implementation of new security measures to protect classified information. An example of this is the new Insider Threat Task Force. The interagency Insider Threat Task Force “shall develop a Government-wide program (insider threat program) for deterring, detecting, and mitigating insider threats, including the safeguarding of classified information from exploitation, compromise, or other unauthorized disclosure”.
Agencies will likely not get recommendations or firm guidance on what mandatories they need to put in place for a while. It will take a while for the various task forces and steering committees to provide results. In the mean time, here are some action items for Agencies to consider when planning for compliance with Obama’s Executive Order:
(1) designate a senior official to be charged with overseeing classified information sharing and safeguarding efforts for the agency;
(2) start thinkink about implementing an insider threat detection and prevention program. Based on what happened at Wikileaks, this is probably the #1 risk area for agencies.
3) Make sure your information is properly classified. If your information (documents, emails, files, database info, images etc) is not properly classified how will you be able to protect it properly? Tools that can classify any type of file should be available to users. For information on some COTs tools, click here. Make sure that the classification tool produces classification metadata that travels with the information and which can be detected by different security systems.
4) Start to do your research on Data Loss Prevention tools. These tools can prevent information from being copied to removeable devices such as USB and CD, and can also prevent infromation from being leaked via email, webmail, chat etc. Data Loss prevention tools that can recognize the classification of information are the most powerful solutions as they allow Agencies to build policy on what type of information can be shared and what type of information should be blocked.
5) perform self-assessments of current security for classified networks, and analyze any leakage or risk incidents that have occured in the past year.
What are your thoughts on this new Executive Order? Let us know your comments below.
To link to the original version of this blog, follow this link http://www.titus.com/titus-blog/2011/10/obama-exec-order-classified-networks/