In today’s debate about cyberwar, all information disclosed seems to come with an agenda. Everyone evaluating the information is forced to look not only at the information, but the motivation for revealing that information. Worse, they can question if the information not revealed is shaped differently from what is revealed. A defender who reveals information regularly and in accordance with a policy will gain credibility, and with it, the ability to better influence the debate.
Adam brings up an interesting point here, regarding whether there are advantages for nation states to discuss the kinds of attacks they are stopping. Of course, the quote above sums up the issue – which is balancing information versus disinformation and not causing a panic. Adam defends disclosure (mostly to a fault), and we need folks out there pushing for more information sharing, which is critical to evolving the practice of information security.
That said, I do think in a lot of cases the public can’t handle the truth. They don’t want to handle the truth. They want to remain blissfully unaware of the impact of any attack, whether it’s an ICBM or a Stuxnet targeting their country’s critical infrastructure. That infrastructure turns out to be very brittle, at least from an information security standpoint.
Maybe we’ll get to the point where the military apparatus parades a country’s hackers through the capital like they do the tanks and armored militia, just to allay the fears of the populace that someone is defending the cyber frontier. Now that would be entertaining.