When it WikiLeaks, it pours!


Openleaks (www.openleaks.org) (see Reuters says it plans to be up-and-running in 2011, is already “drowning in applications”, and promises to stay neutral when it comes to politics.

This comes on the heels of WikiLeaks events of the past two weeks that have seen Julian Assange indicted on sex-related charges, the U.S. Department of Justice authorizing significant actions related to criminal charges and the abandonment of business as usual among organizations and people identified in the ‘leaks’.

I’m glad to see some journalistic credibility and redaction-to-protect-people: but are you glad about this turn-of-events?

Whether you agree or disagree with the widespread availability of sensitive information, the unfolding of these events is witness to some sad realities, including:

Less than 1-in-10 organizations knows whether sensitive information has flown the coop

The other 9-in-10 don’t find out until it’s much too late

Less than half of all organizations even classify information

Only 4-in-10 organizations take precautions to cryptographically protect sensitive information

To understand the extent of the problem, see:

What Color Is Your Information Risk

Automation, Practice and Policy in Information Security for Better Outcomes

Assessments @ IT Policy Compliance

Army’s of lawyers, lawsuits and criminal charges are not going to put the information-leaking Genies back into the proverbial bottle, whether the leakers focus on governments, large businesses, celebrities or other inviting targets.

Joined by BrusselsLeaks, IndoLeaks, BalkanLeaks (see Forbes a coming-of-age of leaked confidential information is More-leaks as newbie info-leakers vie for attention, power, control, advocacy-position, fraud, ransoms and other aims.

If organizations want to come to grips with the coming down-side era of the Internet, it will be time to do what should have been done all along: clean-up-your own house!

This starts with coming to grips with the extent of poor practices, including pretending the risks do not exist or shooing the risks away, lax or non-existent policies, non-existent or poorly understood procedures, non-existent controls and underfunded practices.

Law has never stopped the flow of information … cleaning up one’s own house is much less expensive and more likely to avoid embarrassing consequences and worse.



Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: