Mar 202017


When you do content marketing for technology companies, it’s important to stay abreast of the latest IT developments and trends. This is especially true in a field like cybersecurity. Fortunately, as part of client projects I’m often able to attend conferences and trade shows that both keep me up to speed and provide the fodder for high-quality thought leadership content.

Last week I attended a government forum on cybersecurity sponsored by FireEye. It was an eye-opening experience regarding how persistent the attacks are against the United States, and what can be done to improve national cybersecurity.

FireEye CEO Kevin Mandia laid out the challenge clearly in the opening keynote. Mandia is a former Air Force intelligence officer, and talked about how when he first started saying cyber breaches are inevitable it was an extremely unpopular message in government circles. As he put it the bad guys only need to be right once, while good guys need to be right all the time, and are always on the defensive.

National cybersecurity is hampered by the lack of any no rules of engagement. The United States is also more vulnerable than some other countries to cyber-attacks due to our reliance the Internet connectivity and our open society. There has been a significant rise in the release of stolen information to embarrass and discredit prominent citizens and the government. This isn’t much of a threat to countries without a free press to disseminate the information.

Mandia laid out five areas of focus for what the government could do to better protect critical infrastructure and the country at large from attacks:

  1. Defend our networks – there needs to be better information and vulnerability sharing.
  2. Develop a true deterrence – our adversaries know there is no cost involved in attacking the United States. Mandia explained there are only two kinds of deterrence – “money or might.” Either attackers are made to pay financially, or the United States needs an offensive capacity for proportional responses.
  3. Attribution – the Internet is not anonymous. Get attribution right, and make it public whenever possible to raise awareness.
  4. Work for international norms – this will not be easy, but over time it will be possible to segregate the bad actors, nations that want to exploit the Internet and modern connectivity for destructive ends.
  5. Design a “Shields Up” capability – even in American intelligence knew of an imminent cyber-attack, there is nothing we could do today to protect the targeted asset. This capability must be developed, then applied first to critical infrastructure and then to more and more potential targets in our country.

There are some signs things could be changing.  Justice Department indictments of Russian intelligence officers for the massive 2014 Yahoo breach are good examples of the kind of attribution needed to identify and isolate bad actors. Government CISOs at the forum talked about moving beyond compliance to more proactive risk management online, and a growing understanding that security isn’t something you buy, it’s something you do.

America invented the Internet. It has powered an explosion in innovation, productivity and personal connectivity around the globe. But it was not designed with security as a priority. Today certain countries are operationalizing efforts that exploit that insecurity, and have turned cyberspace into a hostile environment.

It’s time we started defending ourselves better.




 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>