Peter Clarke, head of Scotland Yard's anti-terrorist branch, told the BBC that the surveillance involved in foiling the plot to blow up trans-Atlantic planes had been "unprecedented". Officials haven't said if it involved data mining, but experts say that data mining can be a valuable tool in the war on terror if it is applied properly. The question is: Is it?
On the evening of September 27, 2001, Howard Rubin, a computer science professor at City University of New York who had advised the Clinton administration on technology issues, was home observing Yom Kippur, the holiest day on the Hebrew calendar.
Observant Jews don't work, drive or use appliances on Yom Kippur, but Rubin had a strong feeling he should pick up the phone when it rang that night."
"My wife didn't want me to answer it," he recalls. But he did.
On the other end of the line was one of the most senior members of the previous administration. He wanted to know if Rubin knew of any technologies the government could use to help catch terrorists.
Rubin's answer has since become a technology mantra among members of the intelligence community: data mining, he told the official.
Data mining is a relatively new field within computer science. In the broadest sense, it combines statistical models, powerful processors, and artificial intelligence to find and retrieve valuable information that might otherwise remain buried inside vast volumes of data. Retailers use it to predict consumer buying patterns, and credit card companies use it to detect fraud. In the aftermath of September 11, the government concluded that data mining could help it prevent future terrorist attacks.
A Proliferation of Projects
Experts say that the US government, and in particular the intelligence community, has come to rely heavily on data mining. A 2004 Government Accountability Office report found that US federal agencies were actively engaged in or planning 199 data mining projects. Of these, 14 focused explicitly on catching terrorists and preventing attacks, a total that does not include projects at seven agencies (such as the CIA and the National Security Agency) that did not respond to the GAO survey. Over the past year, The New York Times, ]USA Today and other media outlets have uncovered top-secret programs within those agencies that collect and look for patterns in phone records, e-mail headers and other personal information. When these programs were made public, President Bush and other members of his administration defended them as critical to the war on terrorism.
Given the administration's commitment to programs using these data mining tools and the pressure on everyone to prevent another attack, it comes as no surprise that these projects are being approved by agency heads in the US almost as fast as they are being conceived, experts say. "There is a real fear of not going down this path, because if there is value you don't want to be on the side that opposed [a data mining project]," says Robert Popp, who was deputy director of the Information Awareness Office at the Defence Advanced Research Projects Agency. Of course, US government officials also have a straightforward reason for pursuing data mining projects, says Robert Gourley, CTO of the Defence Intelligence Agency: "We want to protect our country and our way of life . . . "
No Scope, No Budget, No End
But some experts are beginning to question whether an IT strategy of unlimited scope, budget and schedule will best serve that end. It's a conundrum CIOs face every day. IT projects, no matter how vital, tend to fail when controls don't exist or those controls fall away in the face of a time crunch or crisis. Lack of oversight is the chief cause of project failures, according to the Standish Group, an analyst firm that tracks IT success rates. It leads to overly ambitious projects, an unwillingness to change the original vision and inattention to signs that something isn't working. "It doesn't matter if it is a supply chain project, an ERP system or data mining - those things need to be considered," says Jim Johnson, the Standish Group's chairman.
"No one [in the US government] has looked at data mining from an IT value perspective," says Steve Cooper, former CIO of the US Department of Homeland Security (DHS). "I couldn't figure out [the value of data mining] when I was in DHS, and I can't figure it out now. But that didn't stop us from using it."
In other words, according to Cooper, no one has done a business case analysis to determine whether the government is getting a return on its investment. Instead, a rationalization is usually sufficient: If a project has a chance to catch just one terrorist, then it is worth it.
Given that the US government's track record on IT project management is particularly poor, a lack of typical IT project analysis, prioritization and management controls could backfire. Badly. Experts worry that projects could drag on for years and that good projects could be thrown out with the bad because of privacy and civil liberties issues. (In fact, the US Congress has already halted a number of data mining projects, including the Department of Defence's Total Information Awareness project, an ambitious 2003 attempt to create a massive database containing just about everything and anything that could be used to identify possible terrorists.)
Experts are also concerned that in its zeal to apply technology to antiterrorism, the government could disrupt the crime-fighting processes of the agencies that are charged with finding and stopping terrorists before they act. As any good CIO knows, if users see a system as an obstacle to getting their jobs done effectively, they will rebel or simply ignore it - in this case, with potentially disastrous consequences.
Among data mining experts, there is a growing sense that the US government needs to apply the same kind of analysis to its antiterrorism IT strategy that CIOs in the private sector use to keep their projects from spinning out of control. "These projects have perfectly reasonable goals," says Fred Cate, director of the Centre for Applied Cybersecurity Research at the University of Indiana. (Cate was counsel for the Technology and Privacy Advisory Committee created in 2003 by US Secretary of Defence Donald Rumsfeld to study his agency's use of data mining.) "But there's no oversight procedure," he says.
- +
Ticked Off at Tick the Box Mentality 04 February, 2008 13:01:15
Does your executive search firm know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?Does your executive search firm know its MIS managers from its elbow? Does it even know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?
- +
Adobe launches hosted services, adds Flash to Acrobat 03 June, 2008 09:02:44
Adobe to launch Web site offering users free hosted services for document creation, sharing and storageAdobe this week is set to unveil the next version of its Adobe Acrobat software, which adds support for the company's Flash multimedia technology. The company also plans to launch a new Web site offering users free hosted services for document creation, sharing and storage.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. - White PaperYour organisation may well have devised and implemented an Acceptable Use Policy (AUP) some time ago in order to guard against the risks of inappropriate use of computer systems by your workers, but are you confident that your AUP remains 'fit for purpose'? Read on to discover how you can enhance the effectiveness of your AUP.
- White PaperJoin industry expert Martin Tuip to discover best practice strategy for the archival and removal of .PST files using email archiving. Learn how to ensure long-term email records are there when needed, and reduce the risk to your business and clients.
- White PaperJoin Lee Benjamin, a Microsoft Exchange MVP and Ryan Shipkowski, network administrator for Matthews, to discuss the process and ROI of implementing an email archiving solution, with emphasis on a case study from Matthews International.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
CIO Live Podcast #79: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires Part II 05 October, 2007 06:00:00
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #78: Brent D Taylor, author of The Outsider's Edge: The Making of Self-Made Billionaires 28 September, 2007 17:34:25
For his new book, The Outsider's Edge: The Making of Self-Made Billionaires, social researcher Brent D Taylor spent four years of intensive research investigating the psychological make-up and backgrounds of some of the world's richest men and women, including IT luminaries Bill Gates, Larry Ellison and Steve Jobs. Taylor discovered that, despite working in different industries and coming from different upbringings, they all have one thing in common -- they are all outsiders. - +
CIO Live Podcast #77: Panasonic Speeds Up Trans-Pacific File Transfers, Part III 21 September, 2007 07:00:00
Part three in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #76: Panasonic Speeds Up Trans-Pacific File Transfers, Part II 14 September, 2007 07:00:00
Part two in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance. - +
CIO Live Podcast #75: Panasonic Speeds Up Trans-Pacific File Transfers, Part I 07 September, 2007 07:00:05
Part one in our three-part special report from CIO's sister publication Network World in the US, as Paul Desmond reports from the Network World IT Roadmap Conference in Santa Clara, California. With development teams in the US and Japan, Panasonic needed a more efficient way to move very large files between the two locations. Iben Rodriguez, IT consultant for Panasonic Research and Development, explains how a storage-area network and virtual server technology helped speed up WAN performance.
- +
Chris Hoff on Virtualization and Cloud Computing 20 November, 2008 10:55:00
Chris Hoff, chief security architect for the systems and technology division at Unisys and an advisor on the Skybox Security customer advisory board, is one of the biggest critics of virtualization security out there. Not because it isn't important - but rather because it is vital and needs to mature rapidly. - +
Cybersecurity is focus of new start-up incubator 20 November, 2008 07:19:00
Texas uni announces the Institute for Cyber Security.The University of Texas at San Antonio Tuesday announced a technology incubator aimed at fostering IT security-based start-ups within the state. - +
Dilip Sarangan on Physical Security M&A 20 November, 2008 11:18:00
Dilip Sarangan tracks physical security companies for Frost & Sullivan. He expects the industry's "need to have" products to weather the economic storm well, with the big players (now including IBM and Cisco) looking for value-priced acquisitions. - +
International Challenges in PCI Security 20 November, 2008 09:15:00
In a country that's seen many regulatory compliance challenges this decade, the headaches of PCI security tend to be analyzed from a largely American perspective. - +
PCI council sharpens oversight of security auditors 19 November, 2008 10:53:00
Quality assurance plan targets security assessors and scanning vendorsThe PCI Security Standards Council Monday unveiled a plan to sharpen oversight of the hundreds of security-service providers now authorized to evaluate merchant networks under the organization's Payment Card Industry data standards.
Vignette Announces 2008 Excellence Awards 21 November, 2008 10:50:00
PGP and Ponemon Institute Unveil Inaugural Australian Data Breach Study 2008 20 November, 2008 17:34:00
Symantec Cloud Services Transform Data Centre Operations Through Proactive Management 20 November, 2008 12:06:00
Verizon Business Offers Tips to Building a Successful Unified Communications and Collaboration Plan 20 November, 2008 12:04:00
AARNet Brings 4K Digital Cinema to Australia: First 4K HD Video Signal delivered into Australia by AARNet 20 November, 2008 12:02:00
|
||
|
||
|
|
||
|
Dude! You Say I Need an Application-Layer Firewall?!
Proxy firewall technologies have proven time and again to be more secure than “stateful” firewalls. They will also prove to be more secure than “deep inspection” firewalls. High-performance proxy firewalls are available today which are easily capable of handling gigabit-level traffic. Discover more by reading on.
Buying Guides
Latest Products
