Apologies, Joni

“Don’t it always seem to go
That you don’t know what you’ve got
‘Til it’s  gone”

— Joni Mitchell, “Big Yellow Taxi”

http://bit.ly/18tIH1K (She just turned 70!)

One of the interesting aspects of information is that you often don’t know what you don’t have any more, because you still have it.

“Officials say U.S. may never know extent of leaks,” Houston Chronicle (by way of the New York Times), December 15, 2013 A4 http://bit.ly/1cv4diq 

The NSA is struggling to determine what, exactly, Edward Snowden made off with.  Part of the problem is that he hid his tracks, and had access to so much information.  Reportedly, the NSA has to wait to learn from reporters what is about to be disclosed, and develop damage containment plans in a hurry. 

So, one control is hiring the right people and contractors; another is doing a security check on people who had administrative access; another is having technology that prevents people from accessing what they shouldn’t be accessing (Nancy Sinatra?); and another is having technology that keeps track of what people actually get access to (even if they use someone else’s ID).  Then at least you can respond somewhat intelligently when the information is compromised and dribbled out in public.

I thought you couldn’t do torture?


Leave a comment

Filed under Business Case, Business Continuity, Controls, Information, Internal controls, IT, Operations, Ownership, Risk, Security, Third parties, Value

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s