What Businesses Can Learn from WikiLeaks

Sue Marquette Poremba

It's the topic everybody is talking about this week: WikiLeaks. For those of us who are news junkies, it has been a fascinating, if not disturbing and worrisome, story to follow. For those who are involved in enterprise security, it should be causing some concern. The information that has been published on WikiLeaks shows one of the biggest security flaws in any organization: the disgruntled employee.


A NetworkWorld article pointed out that while it is the angry employee "going postal" on the company with violence that grabs the headlines, there are thousands of other employees who are unhappy or have an ax to grind against their employers and want to do something to sabotage the business. There are too many gaps in the way secure data is handled and too many points of access for unauthorized users. Quoting Doug Powell, manager of smart grid security at BC Hydro in Vancouver, the article stated:

While it is important to have properly defined roles, privileges and access levels, secondary protocols are needed to control the way data is manipulated in a trusted environment. Equally important is the need for controls to monitor even the most trusted of personnel, Powell said. Being 'trusted' should not imply less scrutiny, it should imply greater scrutiny given that greater trust assigned to an individual allows for a greater potential for loss.

The WikiLeaks story falls on the heels of a survey published by Solera that found most companies aren't prepared with an effective response to security events. According to Solera Networks VP of marketing and product management, Pete Schlampp:

Recent posting of confidential diplomatic cables on WikiLeaks further supports the fact that organizations are ill-prepared to protect valuable and sensitive data. As reported in a recent Solera Networks survey on network forensics, a vast majority of organizations-government or enterprise-are not adequately prepared to determine the source and scope of hacks, cyber attacks or information leaks. They cannot produce clear digital evidence of a network security event. The survey found that 96 percent of those surveyed recognize the importance of real-time situational awareness-yet only about 19 percent say they have any capability to determine the extent of a breach or leak. In-depth interviews from the survey further indicate that only a fraction of the supposed prepared group can gather enough information from an attack to prevent it again in the future.

Add Comment      Leave a comment on this blog post
Dec 5, 2010 11:00 AM George Vreeland Hill George Vreeland Hill  says:

I applaud WikiLeaks and what they are doing on the Internet.

WikiLeaks is exposing the U.S. Government and others for the frauds they are.

The U.S. Government lies, cheats, steals, kills, takes, ruins and on and on.

When it comes to war, the government is just as bad.

The numbers are way off and the truth is hidden.

The military lies and covers up.

Want proof?

Just ask the family of Pat Tillman.

Look at the self interest politicians.

Look at the IRS.

Look at the FBI, the CIA and other government groups that waste your money, bully, spy and worse.

Look at the police, the courts and others who get away with far worse crimes than the people they put away.

The U.S. Government is a load of bs and needs to be brought down.

The people have had enough.

In George Orwell's novel Nineteen Eighty-Four, there is a legendary phrase ... "Big Brother is watching you."

That big brother turned out to be big government.

Times are changing.

Now we are watching them and the truth is being told.

Thank God for WikiLeaks.

Instead of trying to shut it down, we the people need to shut down the U.S. Government and all of the others that WikiLeaks has exposed.

It is clear that the truth is something governments, leaders, bankers and many others do not like.

They can shut down Websites, but they can't shut us up.

I am,


Dec 6, 2010 8:37 AM Andy Bochman Andy Bochman  says:

Good article Sue.  Both main points are helpful: more (not less) scrutiny of more trusted folks, and some kind of response/recovery/survival plan are essential.


Dec 14, 2010 5:57 AM pes pes  says:

Andy said it all


Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.