We are defined digitally by attributes such as our names, addresses, birth dates, genders and telephone numbers. These data points, along with our general interests, which are logged and tracked by browsers and third-party sites every time we use the Internet, are monetizable commodities to businesses and criminals alike. We readily (if passively) offer our valuable personal information to businesses like Google, Facebook, Twitter, Instagram and Vine—for free. As we bypass those pesky user agreements to get to the fun stuff, many of us forget that what we share ends up in vast databases to be utilized for profit.
With so much data flowing in so many directions, clear or encrypted, information technology and information security are now inexorably linked. But for all that we share for free, who or what is collecting our data is an acceptable mystery to most of us. At least, until that mystery takes the face of someone like Edward Snowden. Prior to the recent developments regarding his political status (and travel itinerary), media attention mainly focused on Snowden’s revealing of secrets from his time at Booz-Allen contracting for the NSA, but from the outside looking in, he is indicative of a problem—outsourcing—that is growing at many organizations that are not adapting to these security changes.
When organizations—whether governmental or corporate—choose to shortcut areas of information technology, they risk establishing a reliance on hiring out for a certain skillset over using their employees’ skills and encouraging their individual professional development. The NSA chose this path by using the Virginia-based contractor USIS for one of its more sensitive data projects, and the result was the placement of one temporary, noncommittal consultant: Snowden. It has also been reported that USIS is under investigation for not properly vetting Snowden’s background.
Information technology has expanded its reach into all aspects of companies’ operations, which has resulted in the repurposing of data as a commodity that nearly every employee contributes to or reports on daily. So, when students study the practices of information security and risk management as part of the Informatics curriculum at the College of Professional Studies (CPS), the purpose is to equip them to be pro-active data stewards that refuse to rest under the protection from existing threats—and are constantly on the watch for the next ones.
Similarly, the CPS Homeland Security program develops an understanding of the nature and sources of threats to social, political and economic systems—with information security playing a key role. The goal? Lifelong appreciation and recognition of their data as an extension of themselves, and the development of an ethical expertise—not just for their own personal or professional gain—but for the continued security of their friends, their families and their communities. Regardless of where one falls on the political spectrum, the degree in Homeland Security is vested in protecting the homeland. When this is done well and properly, it is invisible. When it’s done poorly, everyone sees the outcomes.