Exposure during times of crisis
Human tragedy brings out the best and the worst in people, and the events at the World Trade Center are no exception. Since we have all been inundated with sights of the good, we would like to mention a few of the less-good things that have been going on. There has been some minor amount of looting, some fake bomb-threats, and the ever-popular charity scams.
More interestingly, we have heard rumors that some of the more ambitious and less scrupulous have been taking advantage of breeches in electronic and physical security to increase efforts at information theft. While clearly illegal, the message here is clear: In times of crisis information security remains a critical item, and can be more vulnerable than usual.
What needs to be done? Nothing special: You still need to be monitoring for attack and responding. You still need to be identifying critical information and protecting it. You just need to be doing it during a state of confusion, with less staff and fewer resources.