From Newsweek to the Drudge Report to the The Huffington Post, it seems that everyone is talking about an unexpected big winner on election night - the Internet. Has a paradigm shift arrived?
The day after the election, Newsweek broke a story about both campaigns getting hacked. Other headline-grabbing stories popped up this week (along with video analysis from Fox News) regarding the White House getting hacked.
Meanwhile, the role of the Internet under the upcoming administration is receiving huge coverage. Information Week reported Obama Election Ushers in First Internet Presidency. Here's an excerpt:
"The 2008 presidential election marked two great changes of the guard. The biggest immediate change, of course, was the election of an African-American Democrat as the next president of the United States.
But perhaps a bigger change over the long term was the crowning of the Internet as the king of all political media. It was the end of the era of television presidency that started with JFK, and the beginning of the Internet presidency."
Is this the start of something different - a paradign shift? Just for the record, I think this election will change political campaign strategies, at all levels of government going forward. Security will also have a new seat at many tables.
What are your thoughts? If this is a new day, what should security professionals do differently now?
My thought is that, as security professionals, we should accept this visibility as an opportunity to raise the awareness of information security as a fundamental and non-negotiable component of "the Internet." We need to help people recognize that not only will this change the way campaign strategies are conducted but how it is already affecting every other facet of our lives. A good friend of mine once said that "a budget crisis is a terrible thing to waste" and we can now make the same case for this kind of visibility.
Hi Dan;
I agree with your assessment on the political strategies going forward. I think that the internet will figure prominently in all political activities from here on out.
What should we in the information security industry be thinking about?
I believe that we need to be embracing our own paradigm shift. We as an industry need to be acknowledging and shifting our focus to an Information System Risk Management based approach. Where the definition of an information system includes not only information technology, but all information resources, including people, funds, facilities, etc...
With the disintegration of the traditional organizational perimeter and ever increasing migration to the cloud and virtualization of entire data centers it will become imperative that the info-sec professional is able to assess and convey to the business owner the impact to the organizations overall risk posture from the informatin systems operated by the organization in the achievement of it's mission.
A critical part of this function will be identifying and establishing the appropriate security controls not only within the organization but between organizations. These trust relationships, will only be possible if the organizations can assure each other of the level of protection they can provide for the others information.
Thanks Dan! Keep up the good work.