Sensitive but Unclassified Information: A Threat to Physical Security

Considerable effort has gone into analyzing the possibilities of an 'electronic Pearl Harbor' attack against the United States. While theories about the possibilities of cyber warfare and terrorist attacks on United States soil have been debated since the mid-1990s life for all Americans changed on September 11 2001. We have an enemy or enemies who have demonstrated their willingness to attack us with unconventional means on our home soil. While we have expended great efforts into defending our company networks against hackers viruses and worms let us not overlook the fact that the biggest threat to our critical infrastructures and even our buildings does not lie in cyberspace. Far more damage can be affected in the physical world. We must consider this new reality when we post information on to a website. We must consider the real possibilities of publicly available information becoming a threat to physical security. Defending our companies and the 'critical infrastructure' of the United States must be extended to include physical security. Defending the physical security of a company or other critical assets does not lie in the exclusive domain of the security guard. That duty extends also to the information department.