IEN: What are the major security concerns facing industry? How can they be addressed?
Northrop Grumman: Industry embraces new technologies to reduce costs or accelerate the rate at which goods and/or services can be delivered or accessed. Security tends to offset these benefits by possibly increasing operational cost or decreasing operational effectiveness. This is why there are no "one size fits all" answers to most security issues. It''s all about a series of choices based on ALL variables.
For example, SCADA systems as applied in many of our national critical infrastructures are extremely vulnerable. Yet, until an event actually happens, it is difficult to quantify the potential cost of these vulnerabilities should they become a reality. Yet fixing them will have immediate direct costs, both in dollars and potentially in operational effectiveness of the systems as time/manpower savers.
The challenge is to understand the full scope of vulnerabilities (physical, cyber, programmatic, etc.), identifying the associated risk, and selecting the optimal mix of security, cost, and operational effectiveness for a situation and environment.
In addition,
- Measuring the value of security implementations to be able to make reasoned judgments in managing risk posture in line with allocating resources.
- Effectively stopping Spam and hackers. Spam emails and web "pop-ups" are becoming a tremendous problem.
IEN: Where are strides being made: In risk management? Integrated systems design? Emergency response? Hazard controls? Computer security? Elsewhere?
Northrop Grumman: The security industry is developing a wide variety of standards and guidelines to assist industry with the risk management process. State and local governments are beginning to adopt the DoD concept of system security "Certifications and Accreditations" that formally evaluate and document the risks from a security perspective and maintain a security baseline throughout the system lifecycle. This is also being looked at by specific industry sectors, such as finance and health care, as a way of providing evidence of compliance.
IEN: Where are other R & D hot spots?
Northrop Grumman: Other R & D hot spots include quantum encryption and information security forensics.
IEN: Will wireless technology play an increasing role in security? If so, how?
Northrop Grumman: Without question. Wireless will be the vehicle of choice to disseminate timely information and greatly enhance collaboration among those in the security arena -- whether on a commercial location or in support of Homeland Security initiatives. Secure wireless will enhance wireless communications by adding the security element required to protect critical information, so that more information can be shared without worry of falling into the wrong person''s hands.
With advancements in technology, new applications are being developed to empower a mobile workforce, and wireless technology is the network architecture to deliver "on the move" applications. Without secure, high-speed wireless in particular, many office-based applications wouldn''t allow users to access critical information in the field.
Wireless will increasingly be the platform to disseminate video surveillance information, allow for remote access of database files, allow for bandwidth intensive streaming applications. Wireless will be key to allow for information collection in the field . . . saving time, preventing errors, etc. For example, Border Patrol could collect fingerprint information in the field and police could enter information in the field regarding an incident, saving time and ensuring accuracy.