The TSA, Metadata And You: How Cybersecurity Techniques Can Avoid Security Theater

July 18, 2016

The TSA is predicting long waits for flyers. It’s also trying to hire more staff because it miscalculated the number of enrollments in TSA-PreCheck, its expedited security-screening program. The situation is so bad that they fired their director of security. But how was he to understand Little’s Law, which states that a queueing system under heavy load is exponentially sensitive to additional load, so that a tiny increment in traffic can lead to queue lengths that grow without bound?

According to a leaked TSA document, the agency’s failure rate is about 95%, meaning it has failed to spot the “known bad” (i.e. testers with weapons) in almost every test. There are also false alerts, which waste passengers’ time as they are needlessly searched. Is it really the case that, with all of the innovative power of the U.S. tech industry, we cannot detect whether someone’s shoes contain explosives or not?

With over two decades of experience in the security industry, I find it easy to spot the similarities between the TSA and most enterprise network security perimeters that are “protected” by cybersecurity vendors. Just as weapons can make their way through airport security, cyber attackers can easily penetrate enterprise networks.
