February 9, 2016

Cybersecurity Lost In Unknowns

Today unveiled is a new Cybersecurity National Action Plan

This in the wake of another Federal data breach on Sunday at the Department of Justice where hackers stole and published online the contact information for 9,000 DHS and 20,000 FBI personnel

And this coming on the heels of the breach at OPM that stole sensitive personnel and security files for 21 million employees as well as 5.6 million fingerprints.

While it is nice that cybersecurity is getting attention with more money, expertise, public/private poartnerships, and centers of excellence. 

What is so scary is that despite our utter reliance on everything cyber and digital, we still have virtually no security!

See the #1 definition for security--"the state of being free from danger or threat."

This is nowhere near where we are now facing threats every moment of every day as hackers, cybercriminals, cyber spies, and hostile nation states rapidly cycle to new ways to steal our secrets and intellectual property, commit identity theft, and disable or destroy our nation's critical infrastructure for everything from communications, transportation, energy, finance, commerce, defense, and more. 

Unlike with kinetic national security issues--where we regularly innovate and build more stealthy, speedy, and deadly planes, ships, tanks, surveillance and weapons systems--in cyber, we are still scratching our heads lost in unkowns and still searching for the cybersecurity grail:

- Let's share more information

- Let's throw more money and people at the problem.

- Let's seek out "answers to these complex challenges"

These have come up over and over again in plansreviewsinitiatives, and laws for cybersecurity.

The bottom line is that today it's cyber insecurity that is prevailing, since we cannot reliably protect cyber assets and lives as we desperately race against the clock searching for real world solutions to cyber threats. 

Three priorities here...

1) Build an incredibly effective intrusion protection system
2) Be able to positively tag and identify the cyber attackers 
3) Wield a powerful and credible offensive deterrent to any threats ;-)

(Source Photo: Andy Blumenthal)

No comments: