We write frequently on this blog about the risk of loss of confidential information from internal trusted sources. The loss of sensitive information can be due to individuals wishing to do harm to an organization, for financial gain or because of “carelessness”.
Nothing could illustrate this better than what is playing out this week in Washington D.C. with General Petraeus at the CIA. If anyone should have known about the impact of divulging confidential information you would think it would be the Director of the CIA! Apparently nothing can stop someone with an out of control libido from sharing sensitive information.
The part that really shocks me is the fact that Petraeus and Paula Broadwell would use electronic communication to carry on their affair. However instead of actually emailing each other, they would compose and draft messages but not send them. The other person would then log into the same account and read the drafts. This made those messages harder to trace, and the tactic has been used in the past by terrorists.
This apparently worked until another women started receiving harassing emails from Broadwell which prompted an FBI investigation. Last evening the FBI was again going through Broadwell’s apartment looking for additional classified documents. If physical or electronic files are found it can be added to the long list of data breaches from internal trusted sources.
Government and private industry need to wake up to the fact that everyone has the potential to inflict this kind of damage and that information needs to be protected from the moment it is created. Files and communications containing specific patterns or phrases need to be monitored and tracked …. especially at the CIA! The simple answer is “persistent security”.
As the saying goes, “Loose lips sink ships” but you don’t have to let your files walk out the door just because people have their minds on “other” priorities!”