Information Security is about protecting info.
What about disinformation? What about intentional leaking?
Sometimes, we must protect ourselves against information. These are clearly security issues concerning info. So, are they matters of Information Security? Technically, yes.
The typical impact is a compromise of correctness/integrity or confidentiality. But there is a world of difference between an embezzler and a hostile government. For new Threat Sources with new motives we'll need new defences.
2016-08-20
takeaway from Uppsala
What do I mean by security through information? What is the asset, what are we protecting?
Could be other information - think intellectual property.
Often the asset is the life and wellbeing of people, as in the case of combatting terror.
But, you ask, how is this conceptually different from the classic Chief Inspector, laying a puzzle with clues, trying to preempt the murderer's next move? There are similarities. What is different is the amount of information, and that algorithms do most of the work.
Could be other information - think intellectual property.
Often the asset is the life and wellbeing of people, as in the case of combatting terror.
But, you ask, how is this conceptually different from the classic Chief Inspector, laying a puzzle with clues, trying to preempt the murderer's next move? There are similarities. What is different is the amount of information, and that algorithms do most of the work.
veracity, validity & visibility? Roger Clarke on Quality Assurance for security applications of Big Data. https://t.co/m8eaMFcelg #EISIC2016— per stromsjo (@stromsjo) August 19, 2016
2016-08-19
reflections in Uppsala
If #EISIC2016 isn't about InfoSec, what is it? Is there a common denominator in looking for terror-inciting needles in a social haystack, in analyzing spatio-temporal data from offenders, in monitoring communication between (presumably) anonymous suspected parties?
It's not so much security of information (although that's instrumental as well). We're looking at the prospect of security through information. Collecting data, identifying patterns to gain knowledge e.g. for preempting acts of terror.
It's not so much security of information (although that's instrumental as well). We're looking at the prospect of security through information. Collecting data, identifying patterns to gain knowledge e.g. for preempting acts of terror.
hw>sw>systems>services: Kowalski on adding value to the socio-technical global cybersecurity value chain. #EISIC2016 https://t.co/KEl93Ppw7j— per stromsjo (@stromsjo) August 18, 2016
2016-08-18
inspiration in Uppsala
What am I doing at EISIC? I will hardly ever go chasing terrorists, DarkWeb execs or pirates in the Gulf of Aden. Intelligence and Security Informatics is not conventional Information Security, is it?
No, it isn't.
But security is such a challenging domain. By approaching it from other angles, we can understand it better. And that is a necessity. InfoSec desperately needs innovation. But without humility and inspiration from other fields, it's just not going to happen. Hence EISIC. Time well spent.
No, it isn't.
But security is such a challenging domain. By approaching it from other angles, we can understand it better. And that is a necessity. InfoSec desperately needs innovation. But without humility and inspiration from other fields, it's just not going to happen. Hence EISIC. Time well spent.
cashing out is the main interest of cyberfraudsters. downloading & mining Russian hacker-forums brings insight to means &methods. #EISIC2016— per stromsjo (@stromsjo) August 17, 2016
Subscribe to:
Posts (Atom)