No Such Thing As Secure?

Linda Cureton, chief information officer at NASA, has news for you: Believing that policies, programs and technologies create a secure cyber environment does not automatically make it so.

In a recent blog post, Cureton writes, "To produce different results, we have to change our beliefs. We need to do the same thing for our cyber insecurities."

Cureton points out that an ideal "secure" state isn't necessarily what agencies should be striving for. Rather, they should focus on increasing situational awareness, or knowing what hackers are up to, and understanding risks and threats. Knowledge is power when it comes to producing results, she says.

Those results need to be mission relevant, however. Data leakage or unauthorized access, for example, may be acceptable for scientific data that is readily open and available to the public. However, integrity of the same data must be trusted in order to prevent inaccuracies and maintain confidence in conclusions.

So "secure" may not be realistic for now, but agencies can take charge of their cyber situation by improving their understanding of reality.