There is no question that cyberspace is a new frontline in traditional and untraditional conflict. Many nations and organizations have the ability, directly and by proxy, to target and attack critical infrastructure within the US and worldwide. The recent cyber attacks launched within China against Google and several other companies raised questions about the state of industry preparedness to help defend cyberspace.
The US government relies on commercial industry to safeguard the Internet, telecommunications, power, water, and other critical infrastructure that underpin our national economy. Elements of this infrastructure also directly support our ability to project military power worldwide.
Industry works closely with the government to advance the ‘state of the possible’ in cyber defense. As a former CIO and military systems analyst, I have witnessed several generational cycles of defensive technology developments in the cyber arena. In the mid-90s, for example, system administrators configured firewalls (from standard computer systems) by hand, and reviewed log files (either manually or through then-clever application of scripts) to detect, characterize, assess, and potentially contain cyber intrusions. Today, automated intrusion prevention systems are available as commercial-off-the-shelf (COTS) products, integrated with firewalls and incident management solutions to allow very rapid detection and blocking of cyber attacks. This is just one example of how industry has worked closely with the government to deliver significant advances in cyber defense technologies.
Unfortunately, our cyber adversaries today have proven relentless and highly flexible in their endless pursuit of effective attacks (for an entertaining perspective on the topic, please read Toney Jenning’s “Caddyshack & The Defense of Cyberspace: No More “Wack-a-Mole”” post on GlobalSCAPE’s blog site). Those of us in the information security industry understand that the next major terrorist strike very well may come from the cyber domain or, at a minimum, include cyber attacks as part of a broader operation. From a traditional national security perspective, it is a near certainty that future adversaries will continue to develop their cyber attack capabilities. Such asymmetric warfare capabilities are increasingly attractive, given the overwhelming superiority of US forces in conventional, force-on-force combat.
As a result, GlobalSCAPE, our partners and many others in the industry are working tirelessly to deliver next-generation cyber defense capabilities and stay one step ahead of our adversaries. Our continued development in this area is a national imperative. We are excited by the prospects for transformational solutions like application whitelisting to allow more assured defense of the cyber frontier. We’ll be addressing a variety of cyber defense topics in future posts. Stay tuned!
[...] can’t swing the mallet fast enough. As Craig Robinson, the COO of GlobalSCAPE, pointed out in his blog post earlier today, “cyberspace has become a new frontline in traditional and untraditional [...]