Although Charles offered an excellent summation of the Wikileaks drama that’s been unfolding I wanted to offer my two cents on what’s happening.
#1. Who are you hiring?
Have you done background checks on your employees? If you’re running a data center you need to think about this. Granted, the Soldier who released the documents had a security clearance and one of the most rigorous background checks in the States. However, because proper controls were not in place to stop him he was able to easily download files. There were also red flags everywhere that in a smaller business would have gotten picked up far earlier. Why did he do it? He was probably tired of getting the Colonel coffee. Remember, people don’t always follow the most logical reasoning. Do you trust and believe in your employees?
#2. Source Code
It’s been revealed in Wikileaks that a certain foreign government may have assisted in hacking American companies and stealing source code. To major software companies in the United States their source code is their lifeblood. Additionally, I have to imagine that’s not all that was stolen. Can you imagine if you could learn literally EVERYTHING about your competition? What if your competition knew everything about you? Scary thought, isn’t it?
#3. A Chain is only as strong..
We all know the old adage “a chain is only as strong as it’s weakest link”. What’s your weakest link? Is it a piece of code? An employee? Someone unplugging your servers? Take some time and review what your weakest links are. I guarantee the US Government never thought that their world would be rocked by a Private in Iraq and Julian Assange. Are you prepared for a wild card?