FCW Insider

Blog archive

One way to improve security: Punish the ignorant

That’s one idea proposed (in a backward sort of way) by a reader responding to a topic posted as part of the FCW Challenge, a joint FCW-GovLoop project to spark debate about key topics in the federal IT community.

Our original thesis was this: Federal employees are unknowingly placing their agencies at risk for cyber attack by not taking their own personal security measures seriously. The government should launch a new PR campaign to raise awareness and protect itself, its citizens and the economy from cyber warfare.

But the anonymous reader pointed out that everyone in the Defense Department already gets annual training, but they ignore it because DOD officials “never discipline anyone for allowing breaches.”

The reader’s solution was to put DOD and the rest of the federal government on its own “trusted Internet” for mission-critical work, “and make people walk over to a machine in the corner to interact with the outside world.”

But perhaps security training would be more effective if people were indeed motivated by fear.

What do you think? Check out the conversation here.

You can also read more about the FCW Challenge here.

Here are the other topics up for debate:

Government social networks are Towers of Babel, doomed to topple.

The Open-Government Plan is Vaporware 2.0.

Acquisition 2.0 will give ethics officers the heebie-jeebies.

A mandate for the cloud is wishing for pie in the sky.

The federal workplace will never change. Telework? Fuggedaboudit!

Posted by John Stein Monroe on May 12, 2010 at 7:25 PM

Reader Comments

Thu, May 13, 2010

M in Reston - maybe you're on to something. If the people we support want to cause a security breach, whether by accident, deliberate ignorance, or malice, who are we to stop them. You've got important work to do, and these security things are really blown way out of proportion.

Thu, May 13, 2010 Kevin Dayton

Too bad the Conversation link is blocked on USAF computers. In short, reacting to insider threats is just as important as outside threats. But implementation is a problem - some govies in some org cannot be fired/disciplined while some contractors are immediately fired for a single security violation. I think we need more lower-impact "speeding tickets" issued than career-killer felonies and "Bygones" (ref Ally McBeal).

Thu, May 13, 2010

We've nearly perfected security. Every time a new email comes in, Outlook stops working to scan it. It may take ten minutes to write three lines, but our security is good. See Homeland Security Journal article "No Dark Corners" http://www.hsaj.org/ for an alternative way to handle security.

Thu, May 13, 2010 M Reston

One thing every security weenie should understand is that PERFECT security is attainable only by shutting down the operation you support. If your security plan to is to move increments toward a shut down of the functions of the operation you support - then you should be fired. Your job is to secure the fully functioning operation, and NOT hobble or disable it. Get it? If you view the people you support as the enemy - go flip burgers!

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

What is your e-mail address?

My e-mail address is:

Do you have a password?

Forgot your password? Click here


  • POWER TRAINING: How to engage your customers

    Don't miss our June 7 Washington Technology Power Training session on Mastering Stakeholder Engagement, where you'll learned the critical skills you need to more fully connect with your customers and win more business. Read More


    In our latest Project 38 Podcast, editor Nick Wakeman and senior staff writer Ross Wilkers discuss the major news events so far in 2019 and what major trends are on the horizon. Read More

contracts DB

Washington Technology Daily

Sign up for our newsletter.

Terms and Privacy Policy consent

I agree to this site's Privacy Policy.