Organizations such as WashingtonDCFIRST exist in our Nations Capital to address the need for a coalition of private sector companies and people to work on being proactive, not reactive.
"Defend Forward."
This requires leadership to focus on the critical interdependencies you share with your large corporate neighbor down the street or around the corner.
Do you both share the same Central Office from Verizon? Do you have the same pumping station for DC Water? Do you have a shared sub-station for power from Pepco?
If you do, then you both know some of your Single-Points-of-Failure.
While you may never be able to establish walls, or fences high enough and virtual ICS locked gates to totally protect your single-points-of-failure, you can create an architecture that deters attacks and detects changes.
And if you do have an alert or alarm go off, then you must investigate the incident no matter how insignificant it may be. Those organizations who believe that they are not in the bulls eye of some worthy adversary, should pay attention:
"Defend Forward."
This requires leadership to focus on the critical interdependencies you share with your large corporate neighbor down the street or around the corner.
Do you both share the same Central Office from Verizon? Do you have the same pumping station for DC Water? Do you have a shared sub-station for power from Pepco?
If you do, then you both know some of your Single-Points-of-Failure.
While you may never be able to establish walls, or fences high enough and virtual ICS locked gates to totally protect your single-points-of-failure, you can create an architecture that deters attacks and detects changes.
And if you do have an alert or alarm go off, then you must investigate the incident no matter how insignificant it may be. Those organizations who believe that they are not in the bulls eye of some worthy adversary, should pay attention:
- Shape behavior - The United States must work with allies and partners to promote responsible behavior in cyberspace.
- Deny benefits - The United States must deny benefits to adversaries who have long exploited cyberspace to their advantage, to American disadvantage, and at little cost to themselves. This new approach requires securing critical networks in collaboration with the private sector to promote national resilience and increase the security of the cyber ecosystem.
- Impose costs - The United States must maintain the capability, capacity, and credibility needed to retaliate against actors who target America in and through cyberspace.
No comments:
Post a Comment