Blog

Einstein Will Be Ineffective—Relatively Speaking

Ara Trembly
Insurance Experts' Forum, March 8, 2010

It’s not often I get an opportunity to say, “I told you so,” so quickly after opining on a topic. I recently noted here that one reason we are losing the battle against cyber-crime is that “privacy advocates” will stand in the way of the kind of monitoring necessary to catch Internet-based crooks and terrorists. 

Lo and behold, it didn’t take long for someone else to confirm that privacy issues are likely to dilute the effectiveness of our Internet security efforts. According to the Wall Street Journal, the National Security Agency is bolstering an existing Homeland Security program—dubbed Einstein—to detect and respond to cyber attacks on government systems, and perhaps on any business system deemed critical to U.S. interests.

“The current version of the program is widely seen as providing meager protection against attack, but a new version being built will be more robust—largely because it’s rooted in NSA technology. The program is designed to look for indicators of cyber attacks by digging into all Internet communications, including the contents of e-mails,” according to the Journal.

In an apparent nod to those worried about privacy, Homeland Security will then strip out identifying information and pass along data on new threats to NSA. It will also use threat information from NSA to better identify emerging cyber attacks. The Journal adds, however, that, “Declassifying details of the NSA’s role, in a program initially developed during the Bush administration and continued in the Obama administration, will likely ignite new debates over privacy.”

Of course there will be such debates and protests. Mainstream media that delighted in excoriating the Bush administration for such “intrusions” (but are strangely silent about the continuation of these policies under Obama) will probably jump all over this and remind us that it all started with the two-term Texas president. For its part, the Obama administration will make every effort to be “sensitive” to the privacy of the potential threats it monitors. The result will be a severely hampered effort that will yield far less than is hoped.

Now don’t go thinking that I am not in favor of keeping private information private. I certainly don’t want the government digging around in my electronic correspondence, even though I’m sure there’s nothing of interest there. Insurers, brokers and agents and other businesses probably don’t want to be so closely monitored either. Yet we must face the fact that cyber-criminals can hide behind such privacy concerns and laugh at our often-impotent efforts to track them down.

Somehow, a balance needs to be struck. After all, if the feds detect a threat but strip out identifying information, how will that help NSA or anyone else who wants to mitigate that threat?

And here’s another thought. Anyone with even basic knowledge of technology should already know that e-mail, in particular, is not a secure medium. E-mails can be hacked into and stolen any number of ways (witness the embarrassment of the climate change scientists caught trying to fudge climate data for their own ends). I’ve said this many times before, but if you wouldn’t want that e-mail running across the news ticker at Times Square, you probably shouldn’t send it.

It also amuses me that the same people who routinely reveal personal, private and confidential information about themselves on social networking sites are having a cow about the government seeing their dirty laundry.

What it comes down to is this: We have to trust someone to monitor potentially dangerous communications, especially where such communications concern our national security. The White House’s new cyber-security chief, Howard Schmidt, needs to lay down some guidelines that, while providing protection against unwarranted intrusions into the affairs (pun intended) of private citizens, also allows those who protect us to do their jobs effectively.

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

Big Data Is Paying Off

Insurers are getting business benefit out of their big data projects, but these projects alone won't grow their business.

What Can Insurers Learn from Home Depot?

The latest cyber-attack highlights the importance of helping policy holders defend themselves.

Not Your Father’s Insurance Company

Carriers need to look at new and impactful ways to be there for their customers.

How to Attract Top Tech Talent

When it comes to rankings of the best places to work, insurers are few and far between. Here’s what those who make the lists do to appeal to IT professionals.

Watch Out. Apple with Mayo is Heading Your Way

From a health care, health insurance and Internet-of-things perspective, questions still remain.

New Generation of Data and Analytics in Cloud

Cloud-based data and analytics products are becoming more common among technology companies, small and midsize businesses and departments.