Published on Security Management (http://www.securitymanagement.com)
Experts Say Need-to-Know Should Trump Security Clearance
By Carlton Purvis
Created 08/23/2011 - 17:15



    
Wrap-Up?: 
No
Weight: 
0
Lead Headline?: 
No
Date: 
08/23/2011
By Line: 
By Carlton Purvis
Teaser: 
Implementing a policy where need-to-know trumps security clearance would help avoid incidents like Cablegate.




Some experts say that restricting access to information based on need-to-know is better than providing access to everyone with the appropriate level of security clearances when it comes to sensitive intelligence. The comments were made at a panel during Shake It Up, a MeriTalk Innovation Nation Forum to discuss cybersecurity and cloud computing strategies for businesses, at the Walter E. Washington Convention Center. 


Sensitive information should be looked at to determine what information is the most important and who it should be shared with, panelist Josh Sawislak, of CLIO Strategies LLC. “Once those [parameters] are defined, then we can define the technology [needed to provide security].” 


Before 9-11, federal law limited the ability of intelligence officials to communicate with federal law enforcement and vice versa. The attacks on the World Trade Center led to provisions in the Patriot Act that allow information to flow more freely between law enforcement agencies and the intelligence community. The post-9-11 mantra was also to get rid of stove pipes that kept information from flowing freely among intelligence agencies.


This increased information sharing led to a record number of personnel with access to sensitive information which many say enabled the release of 250,000 embassy cables to Wikileaks, allegedly by a person who perhaps should never have had access to them.


Another issue is that in a short period of time, many new bureaucracies were created, Michael Howell, deputy program manager of the Office of the Program Manager said of his agency and others. Since then, agencies have been struggling to keep up with implementing data security to address constantly evolving threats.


“It was a wake up call,” Howell said of Cablegate. “It was a failure to protect. If you’re going to share information you need to know who you’re sharing with and what they’re doing with it and what they’re doing to protect it.”


Sawislak said another Cablegate could be prevented by establishing need-to-know only policies for sensitive information. In today’s information sharing environment, “need-to-know is more important than clearance,” Sawislak said. 

 




screen grab of Wikileaks homepage after Cablegate from Sean MacEntee [1]




Related Resources: 
 




Thumbnail: 
Comments


    

    




  
Security Management is the award-winning publication of ASIS International, the preeminent international

organization for security professionals, with more than 38,000 members worldwide.


ASIS International, Inc. Worldwide Headquarters, 1625 Prince Street, Alexandria, Virginia 22314-2818 U.S.A.

703.519.6200 | fax 703.519.6299 | www.asisonline.org


ASIS


© 2013 Security Management

This site is protected by copyright and trade mark laws under U.S. and International law.

No part of this work may be reproduced without the written permission of Security Management.








    

    
Source URL: http://www.securitymanagement.com/news/experts-say-need-know-should-trump-security-clearance-008930

    
Links:
[1] http://www.flickr.com/photos/smemon/5247405990/sizes/t/in/photostream/