Our Blog

To Coin a Phrase…

added: 06.06.2013, by Mike Spinney

When I was a younger man, I spent a lot of time on my Univega 18-speed touring bicycle. I lived in Portland, Maine and that bike took me everywhere my feet didn’t. In May of 1988 I got on the saddle and pointed myself west on Route 25 and didn’t stop until I reached Detroit, Michigan. An odd destination, yes, but that was where a Navy buddy, fellow cyclist and good friend of mine happened to live.

It was that friend who imparted upon me a little piece of wisdom: there are two kinds of bicyclists – those who have fallen, and those who will.

Fast forward a decade and a half or so and I was involved in the early days of the privacy debate. As a co-chair of the International Association of Privacy Professional’s Boston KnowledgeNet chapter, I quipped during one meeting that there are two kinds of companies – those that have had a data breach, and those that will. (Soon thereafter I amended my comments to “…those that have been breached, and those that don’t know they’ve been breached.”)

Since then, that chestnut has been repeated often by everyone from business executives to information security luminaries, including Congressman Mike Rogers, chair of the House Intelligence Committee, and even FBI Director Robert Mueller.
  
Yup. I’m taking credit for that (now) cliché. Of course, it wasn’t a cliché when I coined the phrase; it was a stroke of genius... or at least common sense.

But besides patting myself on the back, the point I want to make is that, whenever that statement is used, it is to punctuate the ever-present risk of data loss. During the World Wars posters were used to raise awareness over the dangers of letting information slip. Propaganda posters are still a good way to make such points, as this graphic from Cloudhance demonstrates (headlined by a familiar sounding phrase).

As an intelligence specialist in the Navy during the Cold War, I was constantly reminded of the importance of information security. At the time it was largely an analog world, and I became well acquainted with a very large paper pulverizer that could turn a 50 page classified manual into powder in a matter of seconds, and I was accountable for every page from the moment I took custody of the documents until they were rendered to dust. The specter of many years spent breaking rocks at Fort Leavenworth hung over my head if I failed in my duty.

At sea our battle group was nearly always followed by Soviet Union “fishing boats,” their antenna arrays constantly monitoring communications, and their nets seeking to scoop up whatever trash might be floating in our wake. An errant scrap of paper might contain some shred of information that, when combined with other data, could help the enemy better understand its adversary.

Whether military, business, or personal, someone is collecting pieces of information and putting them together like a big puzzle, and every careless act brings the image they are building into clearer focus.

We may not be able to prevent every data breach, but with vigilance we can minimize the risk. Loose lips can still sink ships.