Recommended Reading

October 8th, 2012 by zen

….Gourley began with his own question for the panelists. Can we meaningfully explore the history of cyber in an unclassified way? Jay Healey, who is currently the lead investigator for the Cyber Conflict Studies Association’s cyber history book, thought you could. Right now so much information comes from the private sector, and hence is unclassified. Today’s model of cyber information sharing relies on the private sector to provide the intelligence, as it is typically their networks and infrastructure that comes under attack. In the theoretical division of labor, it is then the government’s role to solve the problem, but in practice, it has always been the network owners and private companies that take action, suggesting that the relationship should be reversed. As it stands, classified information isn’t terribly important as it stays within the government anyway. Devost added that while classified information is valuable and government agencies should be studying that history themselves, we can still form a cogent story without it for the private sector. Sean Kanuck noted that the unclassified parts of the story are typically the most important. More critical for the full story is including two kinds of cyber analysis that work best together: the forensic, which is done both by government and industry, and the analytic, which can determine why the attack occurred and is performed by the intelligence community but also by business intelligence. RADM Cox answered that while the classified aspects of history are required to get the full picture, the account without them can still be a useful and accurate one.

The first comment from the audience was that when we study history to understand cyber, we should go back even further, which led to a discussion of valuable historical works that can inform intelligence. Some suggested reading from audience members and panelists included Machiavelli, Alvin and Heidi Toffler’s War and Anti-War, the 1999 Chinese PLA manual Unrestricted Warfare, international law and humanitarian law textbooks, and The Victorian Internet, which explores the first cyber attacks and cyber espionage using telegraphs.

Volokh Conspiracy –Cybersecurity and Attribution — Good News At Last?

….Right now, policymakers are intent on improving network security, perhaps by pressing the private sector to improve its security, or by waiving outmoded privacy rules that prevent rapid sharing of information about attackers’ tactics and tools.

Those things would improve our network security, but not enough to change our strategic position – which is bad and getting worse. The hard fact is that we can’t defend our way out of the current security crisis, any more than we can end street crime by requiring pedestrians to wear better and better body armor.

That’s why I’ve been urging a renewed strategic focus on catching attackers and punishing them. Catching and punishing rulebreakers works for street crime. It even works for nation states. So why hasn’t it worked in the realm of network attacks? Mostly because our intelligence community insists that attribution is just too hard.

I think that’s wrong, and I’ll spend this post explaining why.

My theory is simple: The same human flaws that expose our networks to attack will compromise our attackers’ anonymity. Or, as I put it in speeches, “The bad news is that our security sucks. The good news is that their security sucks too.”

War is Boring – I’m Hit! I’m Hit!’

City Journal (Sol Stern) –The Curriculum Reformation

The Carnegie Endowment – New Leaders, New China?

Page 2 of 3 | Previous page | Next page

Posted in recommended reading, recommended viewing | 4 comments

Previous post: Haaretz on the Temple Mount, pt II: axis mundi
Next post: Form is insight: the bow to arrow paradox