The dark side of social networking activity on the internet continues to generate much debate over maintaining information security levels, protection of individual rights of privacy, and in general, elements of compliance and risk management all rolled up into one controversial topic.

This article written by David F. Carr, a writer for the Government Computer News magazine, adds a unique perspective to that debate.  The focus of this article deals with not so much the twittering away of bits of information, as much, as trying to understand the risks involved with someone (i.e. an adversary) who puts those pieces of random information together and can potentially gain knowledge which can truly become a matter of national security.

Click here to read more about the Department of Defense’s perspective on this topic.

Goerge Heuston, a retired FBI Agent, and current project manager for the Hillsboro Police Department and columnist for the Hillsboro Argus newspaper, reminds us of the Red Flag Rules that will take effect August 1, 2009.

We have had blog entries on this topic before, and, with the pending effective date for enforcement now approaching, we may need to again become familiar with the benefits of this are for those of us who might have had our identities stolen in the past.  The “Red Flag Rules” link above connects you to a FTC summary reading of the topic entitled “Fighting Fraud with the Red Flag Rules: How To Guide for Business”.  

Read this article.

The National Institute of Standards (NIST) has just released the first draft set of security controls for all government information systems  — including national security systems.

The document is expected to be finalized by July 1, 2009.

This document is referred to as  ”Special Publication 800-53, Revision 3″ and is titled, “Recommended Security Controls for Federal Information Systems and Organizations”.

This document SP800-53 is part of a series of documents setting out standards, recommendations and specifications for implementing the Federal Information Security Management Act.

Read this article.  Download this draft publication.