Wednesday, November 14, 2012

Gary McGraw: Defend Not Offend

Gary McGraw, CTO of Cigital and personality behind the great Silver Bullet podcast, has a great (albeit lengthy) essay on why CyberWarfare as it is currently waged in the U.S. is a shell game: it's not really about "defense" at all, except maybe in the sense of that old adage: "the best defense is a good offense."

A very brief excerpt:
When the Washington Post publishes a story hyping an ill-considered notion of cyber-retaliation misleadingly called "active defense" as a rational idea, we should all worry.

Active defense is normally a fairly innocuous and well-understood military term that refers to efforts to thwart an attack by attacking the attackers. In this nomenclature, "passive defense" would be protection through proactive security engineering. Strangely, this notion of passive defense (or protection) is completely ignored in the cyberwar debate. This is surprising, because proactive defense can serve as a differentiator and a serious deterrent to war.
