2016-08-29

on orchestrated falsehood and embarrassing transparency

Information Security is about protecting info.

What about disinformation? What about intentional leaking?

Sometimes, we must protect ourselves against information. These are clearly security issues concerning info. So, are they matters of Information Security? Technically, yes.

The typical impact is a compromise of correctness/integrity or confidentiality. But there is a world of difference between an embezzler and a hostile government. For new Threat Sources with new motives we'll need new defences.

2016-08-20

takeaway from Uppsala

What do I mean by security through information? What is the asset, what are we protecting?

Could be other information - think intellectual property.

Often the asset is the life and wellbeing of people, as in the case of combatting terror.

But, you ask, how is this conceptually different from the classic Chief Inspector, laying a puzzle with clues, trying to preempt the murderer's next move? There are similarities. What is different is the amount of information, and that algorithms do most of the work.

2016-08-19

reflections in Uppsala

If #EISIC2016 isn't about InfoSec, what is it? Is there a common denominator in looking for terror-inciting needles in a social haystack, in analyzing spatio-temporal data from offenders, in monitoring communication between (presumably) anonymous suspected parties?

It's not so much security of information (although that's instrumental as well). We're looking at the prospect of security through information. Collecting data, identifying patterns to gain knowledge e.g. for preempting acts of terror.

2016-08-18

inspiration in Uppsala

What am I doing at EISIC? I will hardly ever go chasing terrorists, DarkWeb execs or pirates in the Gulf of Aden. Intelligence and Security Informatics is not conventional Information Security, is it?

No, it isn't.

But security is such a challenging domain. By approaching it from other angles, we can understand it better. And that is a necessity. InfoSec desperately needs innovation. But without humility and inspiration from other fields, it's just not going to happen. Hence EISIC. Time well spent.
20240205