Blog

Einstein Will Be Ineffective—Relatively Speaking

Ara Trembly
Insurance Experts' Forum, March 8, 2010

It’s not often I get an opportunity to say, “I told you so,” so quickly after opining on a topic. I recently noted here that one reason we are losing the battle against cyber-crime is that “privacy advocates” will stand in the way of the kind of monitoring necessary to catch Internet-based crooks and terrorists. 

Lo and behold, it didn’t take long for someone else to confirm that privacy issues are likely to dilute the effectiveness of our Internet security efforts. According to the Wall Street Journal, the National Security Agency is bolstering an existing Homeland Security program—dubbed Einstein—to detect and respond to cyber attacks on government systems, and perhaps on any business system deemed critical to U.S. interests.

“The current version of the program is widely seen as providing meager protection against attack, but a new version being built will be more robust—largely because it’s rooted in NSA technology. The program is designed to look for indicators of cyber attacks by digging into all Internet communications, including the contents of e-mails,” according to the Journal.

In an apparent nod to those worried about privacy, Homeland Security will then strip out identifying information and pass along data on new threats to NSA. It will also use threat information from NSA to better identify emerging cyber attacks. The Journal adds, however, that, “Declassifying details of the NSA’s role, in a program initially developed during the Bush administration and continued in the Obama administration, will likely ignite new debates over privacy.”

Of course there will be such debates and protests. Mainstream media that delighted in excoriating the Bush administration for such “intrusions” (but are strangely silent about the continuation of these policies under Obama) will probably jump all over this and remind us that it all started with the two-term Texas president. For its part, the Obama administration will make every effort to be “sensitive” to the privacy of the potential threats it monitors. The result will be a severely hampered effort that will yield far less than is hoped.

Now don’t go thinking that I am not in favor of keeping private information private. I certainly don’t want the government digging around in my electronic correspondence, even though I’m sure there’s nothing of interest there. Insurers, brokers and agents and other businesses probably don’t want to be so closely monitored either. Yet we must face the fact that cyber-criminals can hide behind such privacy concerns and laugh at our often-impotent efforts to track them down.

Somehow, a balance needs to be struck. After all, if the feds detect a threat but strip out identifying information, how will that help NSA or anyone else who wants to mitigate that threat?

And here’s another thought. Anyone with even basic knowledge of technology should already know that e-mail, in particular, is not a secure medium. E-mails can be hacked into and stolen any number of ways (witness the embarrassment of the climate change scientists caught trying to fudge climate data for their own ends). I’ve said this many times before, but if you wouldn’t want that e-mail running across the news ticker at Times Square, you probably shouldn’t send it.

It also amuses me that the same people who routinely reveal personal, private and confidential information about themselves on social networking sites are having a cow about the government seeing their dirty laundry.

What it comes down to is this: We have to trust someone to monitor potentially dangerous communications, especially where such communications concern our national security. The White House’s new cyber-security chief, Howard Schmidt, needs to lay down some guidelines that, while providing protection against unwarranted intrusions into the affairs (pun intended) of private citizens, also allows those who protect us to do their jobs effectively.

Ara C. Trembly (www.aratremblytechnology.com) is the founder of Ara Trembly, The Tech Consultant, and a longtime observer of technology in insurance and financial services.

Readers are encouraged to respond to Ara using the “Add Your Comments” box below. He can also be reached at ara@aratremblytechnology.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

Global Supply Chain, Local Problem

As a technology provider, your clientís ability to deliver products and services to their customers, when and where they need them, is at the heart of their business success.

Legacy Systems Are Increasingly a Competitive Handicap

Legacy systems, while reliable, increasingly hold insurers back, a new study finds

From Her to Watson, and What’s Next?

Imagine a learning system that can replace the performance of your best employee to provide the same level of support across the organization.

Five Reasons to Software-Define Your Operations

It may be possible to provision key services with the click of a mouse, but benefits go well beyond that.

3 Policy Admin Conversion Considerations

Insurers would be wise to learn these lessons before formulating a strategy to convert policies to a new policy administration system.

Boyle’s 4th Law - Response Time Matters!

Why many companies donít do a good job of measuring the thing that clients value the most.