Establishing Digital Trust: Don't Sacrifice Security for Convenience
Department of Homeland Security (DHS) Secretary Janet Napolitano is seeking to tamp down concerns over the mistaken posting of secret airport security information on the Internet, telling a Senate committee Wednesday morning that the department is taking actions against the individuals responsible and downplaying the severity of the breach.
"The security of the traveling public has never been put at risk," Napolitano told members of the Judiciary Committee at an oversight hearing. "That document that was posted was an out-of-date document. Nonetheless the posting of it did not meet our own standards for what should be available on the Net and not available on the Net."
The document that recently surfaced online detailed operating procedures, such as airport screening techniques, settings for X-ray machines, and a list of countries whose citizens would be subjected to enhanced scrutiny when traveling.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
Napolitano said that several employees involved in the incident have been placed on administrative leave, and the contract worker who posted the document "has been dealt with appropriately," though she did not elaborate on the specific steps the department is taking.
"We have already initiated personnel actions against the individuals involved," Napolitano said. "We have already instituted an internal review to see what else needs to be done so that the incident never recurs."
She said that the department is revisiting with employees its policies regarding posting materials on the Web, as well as guidelines for redacting sensitive information.
DHS Inspector General Richard Skinner is handling the review, Napolitano said.
A blueprint for terrorists?
TSA acknowledged the mistake earlier this week, a revelation that touched off widespread concern that the manual could become a blueprint for terrorists looking to elude airport security.
At this morning's hearing, Napolitano also fielded questions about DHS' evolving role in federal cybersecurity efforts, telling the senators that the department is working closely with other federal agencies to coordinate and pool resources.
In May, President Obama released a report outlining the recommendations of a sweeping cybersecurity policy review he commissioned in February.
At the time, Obama pledged to create a new position in the White House, situated in both the National Security Council and National Economic Council, to oversee federal cybersecurity and coordinate efforts among Congress, the private sector, and the many agencies involved.
That position remains unfilled, but Napolitano said that DHS has been ramping up staffing and positioning itself as the primary agency protecting the civilian side of the Internet.
"DHS has moved to -- as the President's policy review suggested -- to be the lead agency for the protection of the .gov sites, as well as intersection with the private sector on .org and .com sites," Napolitano said.
In October, Napolitano announced that DHS was beginning an aggressive recruiting drive, looking to bring on 1,000 cybersecurity experts over the next three years.
Kenneth Corbin is an associate editor at InternetNews.com. Based in Washington, D.C., Kenneth's coverage areas range from government regulation to e-commerce and online media.