DOD, intell community study Web access
The Defense Department is planning a new round of World Wide Web site security reviews in light of continuing concerns that the large volume of information available to the public on the Internet poses a significant risk to DOD operations, a senior DOD official said today.
The Defense Department is planning a new round of World Wide Web site security reviews in light of continuing concerns that the large volume of information available to the public on the Internet poses a significant risk to DOD operations, a senior DOD official said today.
According to Maj. Gen. John Campbell, vice director of the Defense Information Systems Agency and commander of the newly established Joint Task Force for Computer Network Defense, a recent exercise focusing on the problem of data aggregation revealed that even nonintelligence professionals could easily glean sensitive information from the large volume of data available on DOD's Web sites. "It was scary how successful [the exercise] was," Campbell said.
Speaking at a luncheon sponsored by the Armed Forces Communications and Electronics Association, Campbell said additional surveys of DOD Web sites are in the works, and he said recommendations for changes to Web sites will be made available to DOD organizations soon.
Capt. Catherine Burton, staff director for the DOD-wide Information Assurance Program, which provides oversight, coordination and budget guidance for all of DOD's information assurance initiatives, said DOD is working with the intelligence community to formulate recommendations on Web access and security. "We're very seriously looking at the data aggregation problem," Burton said. However, "you still have to balance access with control," she said.
Campbell said DOD's Joint Task Force for Computer Network Defense, which was designed to be DOD's front-line protection against unauthorized network access and cyberattacks, will reach full operational capability in June and then will be transferred to one of the five commanders in chief. In addition, Campbell said the task force this year will stand up a 24-hour-per-day network monitoring watch and will begin work on contingency plans for cyberattacks.