Security experts are pushing back against what they see as alarmist rhetoric from U.S. Department of Homeland Security secretary Janet Napolitano and Department of Defense secretary Leon Panetta, who warn about the potential for a "cyber Pearl Harbor" when promoting the efforts of their departments to improve cybersecurity.
BT's Bruce Schneier says the casting of security concerns in the context of cyberwar are overblown and unhelpful. Schneier says the dangers that Panetta and Napolitano describe are marginal and argues that the use of war terminology is merely "a neat way of phrasing it to get people's attention. The threats and vulnerabilities are real, but they are not war threats."
Schneier agrees with Cigital's Gary McGraw that the focus on the national level should be on what they call "built-in security" rather than the active defense model preferred by Napolitano and Panetta, which in part calls for preemptive cyberattacks against potential aggressors. Schneier and McGraw point to a paper authored by Good Harbor Consulting's Jacob Olcott that says "owners and operators of critical infrastructure can achieve long-term cost savings and significantly reduce cyberrisk by adopting secure development."
From CSO Online
View Full Article
No entries found