Government to tighten IT security in wake of Wikileaks furore

By Derek du Preez
07 Dec 2010 View Comments
Water leaking through a colander

The national security adviser to David Cameron has ordered all government departments to review their computer security in the wake of ongoing disclosures by whistle-blowing web site Wikileaks.

"The Prime Minister's national security adviser has written to all departments to ask them to look again at their information security and to provide him with assurance about the level of that information security," said Home Secretary Theresa May.

Further reading

Wikileaks first appeared on the internet in December 2006, and has since been leaking information relating to politically sensitive government documents. As a result the site has faced international scrutiny, owing to the backlash from international governments branding it a risk to national security.

The scrutiny has resulted in some serious setbacks for the site, most recently Amazon and Paypal have removed services from the site.  It has also suffered a series of cyber attacks.

In addition, and more broadly, the ongoing scandal has raised serious questions for governments around data privacy and the security of sensitive information.

"Wikileaks has been ramping up the insider threat level for some time," said Alan Bentley, senior vice-president international at security experts Lumension.

"Security defences are often only bolstered when a risk is proven to have increased and with reams of highly classified information still emerging it is no surprise that a further review of computer security is needed," he added.

"The Wikileaks furore has accelerated the need to change the way that sensitive information is accessed and downloaded. Removable devices have eased the way in which information can be taken out of an organisation and policies must be enforced to prevent unnecessary data removal."

Andrew Kellett, senior analyst at Ovum, said the Wikileaks saga holds lessons for CIOs.

"This goes further than just Wikileaks because it highlights what can happen when you don't have control over your information systems. There are opportunities for information to be leaked out of the organisation, and in most companies it is possible to get hold of sensitive data and copy it without IT knowing this has happened," said Kellett.

"In our experience a lot of IT departments don't have the tools to do the monitoring that is required. We know from a lot of work that has been done in the data loss and prevention area, that organisations don't have the basic tools in place to allow them to be informed and take action when the wrong data is leaving the company," he added.

"CIOs need to ensure all of their devices are properly encrypted."

Reader comments
blog comments powered by Disqus
Newsletters
Windows 10 - will you upgrade?

Microsoft has made an early version of Windows 10 - its next operating system - available for download. The OS promises better integration and harmonisation across platforms, including mobile and desktop. Will your business be upgrading?

36 %
33 %
12 %
19 %