Snowden’s Remarks Should Make Any InfoSec Professional Shiver

June 11, 2013 John Worrall

by John Worrall

Whatever your personal views on Edward Snowden’s activities with NSA secrets, his words and actions should send a chill down the spine of every infosec professional. Every organization has someone with the privileged access that Snowden was trusted with. For the NSA, the information has national security implications, but privileged users in commercial organizations can cause catastrophic business damage as well.

Take this quote from the Q&A with Snowden in his video interview with The Guardian on June 6th. As you read it, replace his references to “NSA secrets” with your company’s most confidential data. Then ask yourself this: what you are doing to manage privileged identities and continuously monitor their use?

“Anybody in the positions of access with the technical capabilities that I had could suck out secrets, pass them on the open market to Russia, they always have an open door, as we do […] I had access to the full roster of everyone working at the NSA, the entire intelligence community, and undercover assets all around the world, the locations of every stations we have, what their missions are and so forth. If I just wanted to harm the US, I could shut down the entire surveillance system in an afternoon.”

(Listen to Snowden in his own words. This quote starts around the 9’45” mark of the video.)

Previous Article
Lessons from Snowden: You Must Monitor
Lessons from Snowden: You Must Monitor

by John Worrall Since Edward Snowden went public with his story about NSA spying programs, the business com...

Next Article
A New Privileged Account Security Model
A New Privileged Account Security Model

by Derrick Pyle Regular readers of our blog know that one of our favorite topic areas is the connection bet...