Shifting the Security Paradigm - the Risks of Information Assurance

As the Department of Defense (DoD) moves to create decision superiority through the use of Network Centric Operations (NCO), decision-makers be­come increasingly exposed to data quality vulnerabilities that mimic integrity failures within the Information Assurance (IA) security program. This is a re­sult of the current IA policies not having the controls needed to mitigate risks involving data quality (accuracy, relevance, timeliness, usability, complete­ness, brevity, and security) beyond the current list of limited security issues. Such narrowness of scope increases uncertainty among decision makers using critical DoD information systems and leaves them vulnerable to both decep­tion and overall mission degridation. To mitigate these outcomes, this book presents a modified Action Research process to expand IA risk evaluation cri­teria beyond the limitations of the current DoD security paradigm and to identify undocumented risks such as data quality. This research is designed to offer insight and guidance to network users, researchers, policy makers and other key players involved with IT security, networks, and operations in­volving critical information systems.