Survival Guide: Peter Earnest, executive director, International Spy Museum
<FONT SIZE=2>Hear the word "spy," and you just know someone is up to no good. But let's not give the profession that bad a rap. Peter Earnest, executive director of the International Spy Museum in Washington and a 36-year veteran of the CIA, knows all the secrets about the practical, every-day applications of subterfuge, which he shared with Managing Editor Evamarie Socha. </FONT>
Peter Earnest
J. Adam Fenster
WT: What does spying teach us? What lessons does it hold for companies?
Earnest: Successful spies -- even those eventually caught -- have changed the course of history. They stole the secret of the atom bomb and advanced the USSR's development of its own bomb by well over a year, perhaps two. It shows us that our most precious secrets, [which would be] proprietary info in companies, are only secure to the extent we can protect them from spying aimed at stealing them. Is there a weakest link in your company who might be suborned or even become a spy?
WT: What makes a good spy?
Earnest: Think investigative journalist or talented professional investigator or auditor who turns to spying. The spy needs the skills to maintain his or her cover of innocence, the ingenuity to exploit and even expand access to targeted information and the wit and survival sense to not be detected.
WT: What are the practical applications of spying?
Earnest: The practical applications are infinite. The skills of spying can serve anyone seeking to find out information or data that is not overtly available or is otherwise denied them. "Human engineering," as you probably already know, is how most hackers covertly elicit unwitting individuals' passwords.
WT: How important are secrets?
Earnest: How important is your most sensitive propriety information? How critical is it for Saddam Hussein to protect whether or not he has developed weapons of mass destruction? How secret are the president's movements if we know there is a group stalking him at this time?
WT: What is the biggest security mistake companies make?
Earnest: Companies tend to overvalue physical security measures and undervalue the threat of penetration by spying, perhaps by outside elements using inside contacts; there are lots of combinations. Company employees, just like their government counterparts, can be unwitting dupes.
WT: What is the biggest security threat right now? In the future?
Earnest: The biggest security threats right now are those systems in the United States, for example, which are most vulnerable to attack and misuse by those foreign elements, such as Al Qaeda, that are actively seeking to wreak the greatest possible damage on America: nuclear and other power plants, utilities, underground transportation systems, etc.
WT: If the United States declares war on Iraq, what is the first security move companies should make?
Earnest: Companies should review their existing security procedures, physical and other, for enhancement and consider that elements of their work forces may be targeted for exploitation by Iraqis or their surrogates, such as Al Qaeda-type elements that may already be in the United States in sleeper cells.
WT: How do I know you're telling me the truth?
Earnest: The answer is you don't, anymore than you know whether anyone is telling you the truth, including your own parents. Trust -- believing another person is telling you the truth -- is the outcome of a relationship that is built up over time, whether it refers to believing your parents, your spouse, your friends, your employer, a secret agent or your country. *
NEXT STORY: The IT crowd