Why there will be no patch for the Petraeus vulnerability

Security experts had four words of advice for those wondering over the implications of the sudden resignation last week of the U.S.'s Director of Central Intelligence, General David Petraeus: 'get used to it.'

By , ITworld |  Security

Would-be lovers - stop using e-mail to communicate.

Source: CarbonNYC

The history of Washington D.C. is filled with examples of brilliant and high-achieving men and women who decide to selectively under-achieve in their personal relationships. Think "Bill Clinton and Monika Lewinsky," "John Edwards and Rielle Hunter," or "Gary Condit and Chandra Levy." The list goes on and on (and on).

Still, the extra-marital affair that brought an abrupt end to the career of Gen. David Petraeus shocked even those in The Beltway used to such things. House Minority Leader Nancy Pelosi, a longtime acquaintance likened the news to a "bolt of lightning." After all, the retired four-star general was President Obama's Director of Central Intelligence. A West Point graduate, brilliant military strategist and a veteran of the wars in Iraq and Afghanistan, Petraeus were felled by the discovery of sexually explicit Gmail exchanges with his biographer and lover, Paula Broadwell.

That's the kind of 21st century indiscretion that has ended more than a few marriages, but never before the career of so highly-placed or highly-respected a figure. As of this writing, an FBI investigation of Broadwell is ongoing, centered on her possession of classified documents and whether the former CIA Director played a role in supplying her with classified information.

News of the affair and Petraeus's resignation prompted a predictable round of remonstration about the indiscretions and fragile egos of powerful men. As of this writing, there's not much to be done about that problem. For security-conscious organizations, however, there are deeper and more troubling questions raised by the Petraeus affair. Chief among them: how best to insulate organizations from the kind of risk that comes with increasingly wired employees? Is it even realistic for companies to guard against unknown threats - from the state sponsored hacker to the spurned paramour - given a population of workers who communicate and share information across a complex social graph that encompasses both personal and professional relationships?

For many organizations, the Petraeus affair crystallized an already sneaking suspicion many had that the web of connections binding their employees to the rest of the world had become complex enough to defy security controls and even comprehension.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question