National security communities cannot protect all their information. Yet the exigencies of cyber security and identified network vulnerabilities are trumping more strategic consideration of information protection, and national security communities have found it difficult to adhere to clear and defensible information protection principles. A more strategic approach would focus on identifying and prioritizing the most important organizational information; a defense that aligns information security resources to the most important information, with a clear view of the actions needed to protect against the intelligence capabilities of strategic competitors; and, established mechanisms for situations when preventive security measures will so often fall short, which include standing deception plans and well-coordinated reparative measures. Without defensible principles, the immense cyber security investments being made will not have the desired information security effect.
READ THE FULL ARTICLE HERE
(SHA256: 7B9CEC6D16C1F369AFB65DE1294A5A1FE0956421B9CC99C1A1AD8FFDDC273B60)