Bad Apples in the Barrel are the Biggest Danger to Security

In light of the story circulating about a mid-level manager at Homeland Security getting caught falsifying immigration documents, Michael Chertoff said:

"I wish we could be perfect. Human existence is not perfect, but I can tell you it is a very small proportion, and there is nothing more important than finding those few bad apples and throwing them out of the barrel."

I had considered writing a post about this mid-level manager, then it occurred to me that Mr. Chertoff was correct (from a global perspective) and that - from a security standpoint - there is nothing more important than throwing those "bad apples" out of the barrel.

"Bad apples" don't only exist in "Homeland Security," and although someone getting caught there makes good "press," we have bigger problems out there that need to be dealt with.

One of the biggest threats, we face today is rogue nations obtaining nuclear capabilities. AQ Khan, who developed nuclear weapons for Pakistan, admitted selling secrets to North Korea, Libya and Iran. Many believe that he obtained a lot of his knowledge from the Chinese, who were caught stealing nuclear secrets from us during the Clinton Administration, Online NewsHour: Spies Among Us -- June 9, 1999."

And there is evidence that the Chinese actively seek to plant insiders to steal information. Here is a previous post, I wrote about that.

If any of this is true, we are still being damaged as a result of "insider" problems from the 90's. Two of the biggest threats to world peace today are Iran and North Korea and their "nuclear ambitions."

Insider problems exist at all levels - and are a favorite means for rogue governments, foreign businesses, criminals and terrorist organizations to defeat any and all security measures.

Ira Winkler of the National Computer Security Association wrote:

The Federal Bureau of Investigation estimates that U.S. Corporations lose $100 Billion annually due to industrial espionage. While many people believe that the espionage is committed by well financed organizations that can only be stopped by national agencies, that is very incorrect. Industrial espionage usually exploits simple and very preventable vulnerabilities to produce tremendous results.

The theft of sensitive information from U.S. corporations is the goal for many foreign nations and companies. Adversaries do not care about what form the information takes. Whether information is in electronic format or is thrown away in the trash, it is irrelevant as long as the information is compromised.

Industrial spies know how to bypass any strong part of a security program to attack an organization at it's weakest point.

For Mr. Winkler's full analysis, link here.

Mr. Winkler's analysis brings up some very valid points and scary insights. The people who engage in insider theft will use any and all means to accomplish their goals. Look at all the major breaches that have been caused by a laptop being left unsecured?

Perhaps, I got off topic, but my vote is that we move on and forget this mid-level manager. Homeland Security has bigger fish to fry and the fact that he was caught indicates that they are willing to clean up their own backyard. After all, there are a lot of other backyards out there that probably need to be cleaned up and this is where our focus should lie.