Intelligent Enterprise

Better Insight for Business Decisions
Intelligent Enterprise - Better Insight for Business Decisions
search Intelligent Enterprise
Advanced Search
RSS
Webcasts
Digital Library
Subscribe
Home



September 1, 2003

Shared Risk, Shared Rewards

Why is homeland security driving IT innovation? The risks of terrorism endanger both public and private sectors, and privacy concerns must still be satisfied. But potential rewards through collaborative ventures are coming clear

by Seth Grimes

Continued from Page 2

TIA would have combined commercial technologies with those developed at DARPA (which themselves would eventually be available for commercial application): however, in July 2003, the U. S. Senate voted to end TIA's funding due to inadequately addressed privacy concerns. Information intelligence efforts were also slowed in June when the government put its other highly visible and controversial program, Computer-Assisted Passenger Pre-Screening (CAPPS II) on hold due to similar issues of privacy. CAPPS II would apply predictive models based on personal financial and other information to assign "threat levels" to air passengers. The lesson learned from TIA and CAPPS II is that overly invasive technology is more likely to be rejected than to enhance security.

US-VISIT has been far less controversial because it plans to focus on noncitizens. The program would use primarily commercial technologies to create a system that, according to Homeland Security secretary Tom Ridge, "will be capable of using information, coupled with biometric identifiers, such as photographs, fingerprints, or iris scans, to create an electronic check-in/check-out system for people who come to the United States to work, study, or visit." The US-VISIT system is scheduled for initial deployment in January 2004 — a date nine months earlier than first planned. Identix aims to be a key US-VISIT biometrics provider. But whether Identix is chosen or not, CEO Atick believes that "biometrics are immediately and exactly adaptable without major modification" for private sector applications, first in banking, transportation, and healthcare and later for needs of enterprises in all sectors.

Risks and Motivations

TIA and US-VISIT are examples drawn from a much larger set of research, development, and implementation-stage efforts under way at the DHS, the Department of Defense, and other agencies. It's not clear that the solutions currently being planned, developed, and implemented are sufficient. Will security strategies and technologies be on target, robust, and comprehensively applied?

In June, Bruce Schneier, founder and CTO of Counterpane Internet Security Inc. testified at a hearing of the U. S. House of Representatives Homeland Security Subcommittee on CyberSecurity, Science, and Research and Development that "Quantifying the risks is difficult, because we simply don't have the data. Most of what we know is anecdotal, and what statistics we have are difficult to generalize." Schneier was discussing cybersecurity specifically — that is, securing software deployed on the Internet. But his observation applies in just about all homeland security domains as does his observation that "Companies are good at risk management, but they're only going to consider their own risks; the ancillary risks to our critical infrastructure will not be taken into account." In other words, techniques and tools designed for private-sector problems likely haven't been designed or implemented in ways that scale beyond immediate needs. Schneier continues that cybersecurity "needs to be improved, but those who can improve it ... are not motivated to do so."

A number of IT solution providers have made strong commitments to adapt to the new world even if, in Schneier's view, the commitments are far from fully realized. Don Hatcher, vice president of Technology Strategy, says, "Homeland security has meant that we've had to rethink how we do business." Chris Laidlaw, IBM's director of sales for Safety and Security similarly says that increasingly "product-line managers are asking: 'what more can we put in here? What are our [homeland security] customers asking?'" Alex Moissis, vice president of Product Strategy at Business Objects reports that "two areas that have always been core to our product development direction are security (protecting the data) and data access from distributed sources. We had been working closely with security experts at many of our largest customers, including government agencies, long before the DHS was established."

In his House Committee testimony, Counterpane CTO Schneier urged the government to "use buying power to drive increased security. U.S. government procurement can be a potent tool to drive research and development. If it demands more secure products, companies will be forced to deliver. Once companies deliver products to the increasingly demanding specifications of the government, the same products will be made available to private organizations as well."



Rate This Article

Comments:

Optional e-mail address:

Government and private security needs are closely related and in many cases intertwined. Homeland security requirements are driving technology innovations that can and should be applied to mitigate risks in large and small commercial enterprises, which must make an active effort to address potential vulnerabilities, in the name of both commercial and national security concerns.


Seth Grimes [grimes@altaplana.com], Intelligent Enterprise contributing editor, runs Alta Plana Corp., a Washington, D.C.-based consultancy specializing in analytic computing systems and demographic, economic, and marketing statistics.

RESOURCES

Defense Advanced Research Projects Agency: www.darpa.mil

Homeland Security Act of 2002: www.thomas.loc.gov/cgi-bin/query/z?c107:h.r.5005.enr

In-Q-Tel: www.in-q-tel.com

National Science Foundation factsheet on "Data Mining and Homeland Security Applications:" www.nsf.gov/od/lpa/news/03/fact030124.htm

Testimony to the House Committee on Homeland Security: hsc.house.gov/files/Testimony_Schneier.pdf

U.S. Department of Homeland Security: www.dhs.gov

Related Article at IntelligentEnterprise.com:

"Look Before You Leap" June 17, 2003


Most Popular This Week
Nine Choices on the Road to BI Solution Centers
Business Process Management 101: The Basics of BPM and How to Choose the Right Suite
Performance Management: Link Operational Decisions to Strategy
Business Intelligence 2.0: Simpler, More Accessible, Inevitable

IE Weekly Newsletter
Subscribe to the newsletter
    Email Address







InformationWeek Business Technology Network
InformationWeekInformationWeek 500InformationWeek 500 ConferenceInformationWeek AnalyticsInformationWeek CIO
InformationWeek EventsInformationWeek ReportsInformationWeek MagazinebMightyByte and SwitchDark Reading
Digital LibraryIntelligent EnterpriseInternet EvolutionNetwork ComputingNo JitterPlug Into The Cloud
space
Techweb Events Network
InteropVoiceConWeb 2.0 ExpoWeb 2.0 SummitEnterprise 2.0 ConferenceMobile Business ExpoSoftware ConferenceCSI - Computer Security Institute
Black HatGTECEnergy CampMashup CampStartup Camp
space
Light Reading Communications Network
Light ReadingLight Reading EuropeUnstrungLight Reading's Cable Digital NewsConstantinopleInternet EvolutionPyramid Research
Heavy ReadingLight Reading Live!Light Reading InsiderEthernet ExpoOptical ExpoTeleco TVTower Technology Summit
space
Financial Technology Network
Advanced TradingBank Systems & TechnologyInsurance & TechnologyWall Street & TechnologyAccelerating Wall StreetBank Systems & Technology Executive SummitBuyside Trading SummitInsurance & Technology Executive Summit
space
Microsoft Technology Network
MSDN MagazineTechNetThe Architecture Journal
space