Incident response: Don't lie
Honesty is the best policy
Security Strategies Alert
By M. E. Kabay, Network World, 10/23/2007
Mich Kabay takes a high-level view of security issues and provides resources to help safeguard your corporate and personal security.
A couple of recent news stories got me thinking about the confluence of practicality and morality that should inform effective
computer incident response.
The first case may seem silly: Richard Marson, the editor of the BBC's popular children's show "Blue Peter," was suspended in September 2007 "after it emerged that the wrong name had been chosen for the new Blue Peter cat in an online poll." Apparently the children wanted "Cookie," but upper management allegedly ordered the staff to choose "Socks," and Marson is taking the consequences.
The second news report is much more serious and will touch many readers deeply. In brief, there is overwhelming evidence that U.S. Army doctors have been deliberately lying about the medical condition of veterans returning from the U.S. invasion of Iraq. In many documented cases, doctors have unjustifiably labeled wounded veterans as suffering from pre-existing personality disorders. Those veterans are then denied the medical benefits they have earned, because they are discharged under Army Regulation 635-200, Chapter 5, paragraph 5-13. The benefits withheld are estimated in the tens of billions of dollars, and many of the veterans and their families are suffering severe financial hardship.
Worse, new investigations reveal that the assurances of independent review given by Maj. Gen. Gale Pollock, acting surgeon general of the Army, were outright lies. Pollock claimed that she had ordered a "comprehensive review… conducted by a panel of health experts," but the first report had a single author, Col. Steven Knorr. Knorr was in fact one of the psychiatrists accused of mislabeling many of the wounded veterans with the very pre-existing personality disorders being contested.
As a result of the scandal, Rep. Bob Filner (D-Calif.), chair of the House Committee on Veterans’ Affairs, scheduled public hearings on the matter in July. The investigations continue.
In both of these cases, the dishonesty of managers has resulted in embarrassment and additional expense for their organizations. Employees have been scrambling to gather information faster than they would under normal circumstances; public relations staff are undoubtedly working overtime, and perhaps making yet more mistakes under the pressure to recover credibility. Supervisory bodies have been dragged into investigations. Morale among employees is surely damaged as well.
M. E. Kabay, PhD, CISSP-ISSMP, specializes in security and operations management consulting services.
Comments (5)
RE: Incident response: Don't lie
By Anonymous on October 23, 2007, 10:53 am
I read your article for your experience and acumen on networking-related issues. Kindly limit your biased political agenda and opinions to another forum. I will...
Incident Response: Don't Lie
By Sanford Sherizen on October 23, 2007, 4:05 pm
Mich, regarding the Citibank case: as far as I know, Citibank was the first major American institution to respond to a computer crime by highlighting its security...
Don't Lie
By Randy Freston on October 24, 2007, 8:26 am
As a veteran and an information security professional, I find the unjust discharges of our service members very disturbing. I also consider them directly linked...
Umm... Where does this
By Anonymous on October 24, 2007, 11:11 am
Umm... Where does this article bash Bush? How is telling someone not to lie a political agenda? Did you tell your mother to stop spreading her political diatribe...
It DOES bash Bush... read it again...
By Anonymous on October 24, 2007, 11:22 pm
The article does bash Bush... read it again... and again... and again... I had to read it like seven times before I figured out what it had to do with InfoSec....