These days it is hard to swing a cyberstick without hearing a cybergasp of cyberstration at the inevitable cyberbuse of the word “cyber”.
To be clear, I think ‘cybersecurity’ is not only an acceptable term, but a particularly suitable one. It is easy to understand and covers aspects of IT security the term “IT security” doesn’t quite describe as well. There are entire verticals which think of IT security as “the stuff in the office” and use other terms for all the other technology that powers their operations.
But snapping cyber onto the front of another word can be misleading. Take, for example, cyberwar and cyberwarrior.
We are, very clearly, engaged in an ongoing long-term conflict with a myriad of threat actors. And I think there is something that qualifies as cyberwar, and even cyberwarriors. Believe it or not, some people with that skill set work in-theater, under arms, and at risk.
But when you dig in this is more a spy’s game than a warrior’s battlefield. Defensive security professionals are engaged more in counterintelligence and espionage than violent conflict, especially because we can rarely definitively attribute attacks or strike back.
Personally, as Han Solo once said, “Bring ‘em on, I’d prefer a straight fight to all this sneaking around”, but it isn’t actually up to me. So I find I need to think as much in terms of counterintelligence as straight-up defense. That’s why I love some of the concepts in active defense, such as intrusion deception – because we can design traps and misdirection for attackers, giving ourselves a better chance to detect and contain them.
Admit it – you love spy movies. And while you probably won’t get the girl in the end (that’s a joke for whoever saw Kingsman), and you aren’t saving the world, you also probably don’t have to worry about someone sticking bamboo under your fingernails.
Until audit season.
I have some family in town and ran out of time to do a proper summary, so I shortened things this week.
Favorite Securosis Posts
- Mike: Summary: Three Mini Gadget Reviews… and a Big Week for Security Fails. I like Rich’s reviews. For stuff that I likely won’t get because I’m not a techno-addict.
Other Securosis Posts
Favorite Outside Posts
- Adrian Lane: The Great SIM Heist. Good story. I think it’s hard for a lot of people to fathom that this type of stuff really happens. Truth is stranger than fiction!
- Mort: Transcript: NSA Director Mike Rogers vs. Yahoo! on Encryption Back Doors
- Mike: What APT Is. Bejtlich uploads a piece he wrote for TechTarget a few years ago. A good reminder of what the APT actually is – not what the marketers tell you it is.
- Pepper: Cybergeddon: Why the Internet could be the next “failed state”
- Rich: Attribution is the new black…what’s in a name, anyway? Private companies need to stop this. It is becoming an embarrassment to our profession.
- Gemalto Officials Say SIM Infrastructure Not Compromised. Bullshit.
- US offers $3m reward for arrest of Russian hacker Evgeniy Bogachev
Research Reports and Presentations
- Security and Privacy on the Encrypted Network.
- Monitoring the Hybrid Cloud: Evolving to the CloudSOC.
- Security Best Practices for Amazon Web Services.
- Securing Enterprise Applications.
- Secure Agile Development.
- Trends in Data Centric Security White Paper.
- Leveraging Threat Intelligence in Incident Response/Management.
- Pragmatic WAF Management: Giving Web Apps a Fighting Chance.
- The Security Pro’s Guide to Cloud File Storage and Collaboration.
- The 2015 Endpoint and Mobile Security Buyer’s Guide.