The need to protect classified information quickly and securely has never been greater. For government agencies in particular, unauthorized disclosures – with the potential to inflict a multi-million dollar loss, damage to national security or even loss of life – can be damaging and irreversible.
As these security risks continue to evolve, information security officers are not only forced to proactively identify, evaluate and manage security risks for the health of their departments, they are required to do so by evolving laws.
Presidential and Congressional mandates such as Executive Order 13587 (issued to address Sharing and Safeguarding Information), section 922 of the 2012 Department of Defense (DOD) authorization bill (that explicitly requires the DOD to address threats posed by computer infrastructure) and the Federal Information Security Management Act (or FISMA, which requires agencies to implement programs to secure operations and assets and report annually on compliance) have been implemented to mitigate insider threats from unauthorized duplication and transmission of classified information.
Your agency has likely already taken steps to address digital security issues – but are you overlooking those posed by paper?