The advantages cyber defenders have over attackers are numerous and extensive, but only if you’ve got the wherewithal — or actual defenders — to exploit those advantages.
Continue ReadingThe Wolf Approaches
If cybersecurity had a doomsday clock, it just got closer to midnight. Thankfully, we’ve got a snooze button.
Continue ReadingThe Wall: Undermining National Security in More Ways Than One
The nation’s longest federal government shutdown continues, along with the debate on the issue that triggered it: a wall on the border between the U.S. and Mexico. While every serious voice agrees on the importance of secure borders, what constitutes effective border defense varies widely. Largely ignored in these discussions: how the financial and emotional […]
Continue ReadingCyber Stars
/* Warning: Extensive over-use of the word “cyber” ahead. */ The other day my old friend and colleague Bob Gourley Tweeted: Random thought: There are 24 four-star flag officers in the U.S. military. Every 4 star I have ever met is really smart. But only one of those 24 has real cyber war experience, […]
Continue ReadingThe Global Ungoverned Area
Looking at the Internet through Westphalian-tinted glasses is not going to make us safer or more secure.
Continue ReadingCyber War: The Fastest Way to Improve Cybersecurity?
It is still a struggle to get people and organizations to take cybersecurity seriously. A cyberspace-based conflict may be the most likely way for us to make progress.
Continue ReadingWhat Cybersecurity and a Trip to the Dentist Have in Common
You have to attack the problem at the root, and that means blood, sweat, and tears.
Continue ReadingCybersecurity Through the Lens of Rock Climbing
I’ve been to a lot of kid’s sporting events in the last decade plus. They have their moments, but I think I speak for all parents who are not living vicariously through their child’s prowess on the field of play when I say there are a few dozen places you’d rather be than sitting on […]
Continue ReadingBreaches Forever!
The computer security industry is not stopping breaches. Not for lack of trying, but if you’re familiar with the myth of Sisyphus, such efforts are the definition of pointless. If this sounds strange coming from a computer security person, it shouldn’t. I’m not here to blow smoke up your fourth point of contact; I’m hear […]
Continue ReadingThe Equifax Breach is Not Special
The hue and cry over the Equifax hack has subsided to a dull roar. We’ve passed the stage of ‘initial reports,’ which are usually wrong, and are firmly in armchair cybersecurity pundit mode. ‘What did Equifax executives know and when did they know it?’ inquiring minds want to know, among other things of varying relevance. […]
Continue Reading